Featured Articles

IHS teardown reveals Galaxy S5 BOM

IHS teardown reveals Galaxy S5 BOM

Research firm IHS got hold of Samsung’s new flagship smartphone and took it apart to the last bolt to figure out…

More...
Galaxy S5, HTC One M8 available selling well

Galaxy S5, HTC One M8 available selling well

Samsung’s Galaxy S5 has finally gone on sale and it can be yours for €699, which is quite a lot of…

More...
Intel lists Haswell refresh parts

Intel lists Haswell refresh parts

Intel has added a load of Haswell refresh parts to its official price list and there really aren’t any surprises to…

More...
Respawn confirms Titanfall DLC for May

Respawn confirms Titanfall DLC for May

During his appearance at PAX East panel and confirmed on Twitter, Titanfall developer Respawn confirmed that the first DLC pack for…

More...
KFA2 GTX 780 Ti Hall Of Fame reviewed

KFA2 GTX 780 Ti Hall Of Fame reviewed

KFA2 gained a lot of overclocking experience with the GTX 780 Hall of Fame (HOF), which we had a chance to…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Tuesday, 22 December 2009 11:13

Microsoft white list stuffs up security

Written by Nick Farell

Image

Damned if you do, damned if you don't


Insecurity
experts have been hassling Microsoft over the use of white lists. Microsoft has been recommending that users exclude some file extensions and folders from antivirus scans, because it thinks that they will be safe. Having a scanner look at all files takes a lot of time and mostly pointless, Redmond thinks.

In a document published on its support site, Microsoft suggests that users do not scan some files and folders for malware as a way to improve performance in Windows 2000, XP, Vista, Windows 7, Server 2003, Server 2008 and Server 2008 R2.

"These files are not at risk of infection. If you scan these files, serious performance problems may occur because of file locking," Microsoft states in the document However security experts say that is the sort of attitude that gets computers infected and Microsoft may be putting users at risk. Among the files and folders Microsoft tells users to exclude are those associated with Windows Update and Group Policy, and files with the .edb., .sdb and .chk extensions contained within the "%windir%\security folder.

Trend Micro said that while the list was ok it should never have been made public. David Sancho, a malware researcher with Trend Micro, in an entry to his firm's blog claimed that the list could be a boon to hackers.

"Cybercriminals may strategically drop or download a malicious file into one of the folders that are recommended to be excluded from scanning, or use a file extension that is also in the excluded list," he said.

Nick Farell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

To be able to post comments please log-in with Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments