AntiExectuable and Vista Support

Hi All,

Does anyone know when or if Faronics is developing support for Vista esp with Anti-Executable?

Cheers,
Jeremy

 

It is in beta and I was told it would be out in the first quarter of this year.

 

It's predictable and obvious that AE will run under winVISTA as well.
I like AE alot : simple philosophy, easy-to-use, whitelist-based, killing any executable malware immediately, protects itself very well and is quiet as long everything is normal. A professional evergreen, worth its price.

I recently unzipped a file, that contained an executable malware, I never saw that malware, it was removed while I was unzipping the file. That's what I call "action".

 

Is it effective in situations where there are vulnerability in code such as in the WMF vulnerability (http://secunia.com/advisories/18255/) and Flash play buffer overflows issues (http://secunia.com/advisories/26027) ?

 

See here

 

Remember, that AE does not block the .wmf file from running, but prevents the .wmf code from installing the executable payload.

When the .wmf exploit surfaced, someone created a PoC where the .wmf file launched the windows calculator. This, of course, AE would not prevent.

The PoC showed that the exploit could do other things besides run a binary executable. To my knowledge, no in-the-wild-exploits surfaced that did anything else besides attempt to install a trojan executable.

The .wmf exploit, of course, has since been patched.


----
rich

 

So from my understanding, the zero-day exploit still exists. However ANY executable code, even ones from a buffer overflow, is stopped from running. Is this true?

 

Right

 

the current AE can not prevent the VBscript, Javascript, Flash.

I hope they can add the protection for this in the new version. There are many posts about how VBscript call Win API in the google. that will be a new holl.

 

If the final outcome of those actions continues to be placing an untrusted executable (trojan downloader/dropper, etc) in the system, AE will continue to be up-to-date.

 

YES! YES! YES!

AE is one of those what i call SUPER apps, it's stable plus it's POWER coded to instantly protect against executables in very rapid fashion, almost like it has a sixth sense, (AI ?) internal sensor maybe?

 

Sounds good. Can't wait for it to work on Vista. If all goes well, I might even buy it. (No I usually resort to freebies...I'm a poor uni student).

Anyone else have experiences to share?