Antivirus whitelist and program/OS updates

Discussion in 'other anti-virus software' started by malexous, Nov 28, 2014.

  1. malexous

    malexous Registered Member

    Joined:
    Jun 18, 2010
    Posts:
    828
    Location:
    Ireland
    Is there an antivirus that can be set to a whitelist mode and will not block the automatic updates of Firefox, Adobe Flash and the operating system?
     
  2. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,730
    Location:
    localhost
    ZoneAlarm has an automatic whitelisting of MS. components ("Microsoft Catalog Utilization") it will never block MS. Updates. No need to have it whitelisted locally or via the cloud, with no lag between when they are whitelisted and the user installation.

    For the rest, you can set autentication only by location and not by fingerprints/hash checking. i.e. it will not warn you on changes of existing files but it will on completely new files or locations. Other security tools has whitelist by digital certificate. Depending on implementation these whitelisting may open up to potential attacks.
     
    Last edited: Nov 28, 2014
  3. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,257
    At least Kaspersky (Trusted execution mode) & Avast ((aggressive) hardened mode) have that.
    They combine whitelist in cloud, so don't interfere with common program's update.
     
  4. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Actually avast! (and I presume many others as well) use signatures and whitelists to avoid false positives in general. So, anything that has a valid Microsoft Corporation signature cannot be marked as malware no matter what. This way, even if a signature pattern matches some Windows component as malware, digital signature jumps in betweena nd says, hold your horses scan engine, the file is digitally signed by Microsoft and can't be malware. And it seems to work pretty well since I haven't had any false positives from major companies for ages. Those few rare conflicts are nto false positives related, they simply happen because of conflicts and not as malware detection warnings.
     
Loading...