tlu
September 17th, 2004, 02:21 AM
Hello!
In http://www.wilderssecurity.com/showthread.php?t=48001 I mentioned that I visited the windowsupdate site (without installing anything), afterwards I downloaded and installed an Office XP patch (adressing the new JPEG vulnerability). A reboot was not necessary.
Everything seemed okay. But when I opened the PG GUI I noticed that protection was still enabled but the list of protected applications was completely empty - this was only fixed by rebooting the computer.
There are two things that strike me: 1. PG didn't inform me that the protection the program offers might have been somehow affected. I wouldn't have noticed if I hadn't opened the GUI.
2. The cause for this problem is not clear to me. Was it only the fact that I visited windowsupdate (resulting in the execution of JScript and ActiveX code), or was it the installation of the Office patch? Whatever - it seems that there are internal functions in the operating system that can affect the security provided by PG.
The crucial question for me is: If this is true - how can I be sure that malware might not misuse these functions in oder to (partially) disable PG? Is this a possible PG vulnerability?
In http://www.wilderssecurity.com/showthread.php?t=48001 I mentioned that I visited the windowsupdate site (without installing anything), afterwards I downloaded and installed an Office XP patch (adressing the new JPEG vulnerability). A reboot was not necessary.
Everything seemed okay. But when I opened the PG GUI I noticed that protection was still enabled but the list of protected applications was completely empty - this was only fixed by rebooting the computer.
There are two things that strike me: 1. PG didn't inform me that the protection the program offers might have been somehow affected. I wouldn't have noticed if I hadn't opened the GUI.
2. The cause for this problem is not clear to me. Was it only the fact that I visited windowsupdate (resulting in the execution of JScript and ActiveX code), or was it the installation of the Office patch? Whatever - it seems that there are internal functions in the operating system that can affect the security provided by PG.
The crucial question for me is: If this is true - how can I be sure that malware might not misuse these functions in oder to (partially) disable PG? Is this a possible PG vulnerability?