I wonder why something like Sandboxie is not included as standard issue ( I know, if it was widespread, it would be attacked too) ...
and for the layperson, I liken the definition update requirement like updating a mugshot book. You cannot catch all the current criminals if your mugshot book doesn't include their 'picture' ... I see the lightbulb come on for many with that analogy. On Tue, Oct 11, 2011 at 7:32 AM, Alan Davies <adav...@cls-services.com>wrote: > Exactly - the "average" user runs a browser with Java and Adobe plugins. > This gives a much greater scope for exploitation than any subtle > differences between browsers. I'd worry far less about what browser they > run, and far more about their user privs and ability to keep all of their > software up to date. IE's smartfilter (is that what it's called? Can't > remember!) blocks a lot of bad stuff and it's a great addition to the > browser. I'm glad that it exists and the malicious software removal tool, > etc. since there are so many users out there who never renew that 3 month > free trial of AV that came from the OEM! > > > a > > -----Original Message----- > From: Kurt Buff [mailto:kurt.b...@gmail.com] > Sent: 11 October 2011 05:36 > To: NT System Admin Issues > Subject: Re: AV and malware protection? > > On Mon, Oct 10, 2011 at 21:01, Ben Scott <mailvor...@gmail.com> wrote: > <snip> > > Now, > > I regard ActiveX as a really bad idea to begin with -- allowing a web > > page to push binary executables to my PC is *not* a good idea, IMO, > > Java, too. > > > and I think history would support me on this one -- but if you're > > going to allow it, you need something a bit better than just requiring > > a bit of crypto thrown at it. More reasonable would be denying > > install to anything but Trusted Sites. If the user can't type the > > site name that's a fair bet they shouldn't be installing it, one way > > or the other. There are a number of other things, too, such as the > > ability to run an EXE from the web in two clicks, or allowing scripts > > to manipulate the browser window (Firefox does that too, I might add). > > Allowing anything running in a browser to write to disk or touch other > running programs or other hardware is poor design, IMHO. > > But I'm a paranoid freak, and don't like computers, so what do I know... > > Kurt > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < > http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > ************************************************************************************ > WARNING: > The information in this email and any attachments is confidential and may > be legally privileged. > > If you are not the named addressee, you must not use, copy or disclose this > email (including any attachments) or the information in it save to the named > addressee nor take any action in reliance on it. If you receive this email > or any attachments in error, please notify the sender immediately and then > delete the same and any copies. > > "CLS Services Ltd × Registered in England No 4132704 × Registered Office: > Exchange Tower × One Harbour Exchange Square × London E14 9GE" > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin