(Question) WSA Detection

Hi

Does WSA protect us from Exploit and Vulnerabilities? Example: Windows Exploits/Vulnerabilities or Programs Exploits/Vulnerabilities?



Thanks.

 

All of the above

 

When an anti-malware program detects an object labeled as an "exploit," is that really a piece of malware that was installed on the system, or is it some kind of component that needs to be altered, or else it could be used maliciously.

The terminology gets confusing because often classes of malware categorically overlap. There are rootkits that testers will drop on systems, and they know they are rootkits, and AVs block them and label them vastly different, often as trojan horses.

 

It will be actual malware which is using the exploit in another program. We've considered doing what you've suggested - detecting old versions of software as "Exploitable" but it could end up causing user confusion instead so we just lock them down behaviorally very closely.

 

Ah I see.

 

i hope in future version of WSA inclue vulnerabilities scan or detect old software as Exploitable , because the safest way to avoid a old software to get exploited is installing the new version of the software which contain the fix.

 

You can use Secunia PSI to do that for free, and it has automatic updating for the vulnerable software