Like the article points out, that's default behavior protecting against (low tech) malicious code making changes. White list the file or protect it with an ACL that keeps the system from making changes.
Honestly, why not just block those sites with windows firewall rules? On Sep 2, 2012 3:40 AM, "Steve Tomporowski" <[email protected]> wrote: > http://www.h-online.com/**security/news/item/Microsoft-** > s-security-software-modifies-**HOSTS-file-1670927.html<http://www.h-online.com/security/news/item/Microsoft-s-security-software-modifies-HOSTS-file-1670927.html> > > This is only relevant if you use the HOSTS file to block ads. Surprise, > those blocks will be automatically removed. >
