Does WSA handle this

Discussion in 'Prevx Releases' started by volvic, Aug 19, 2012.

Thread Status:
Not open for further replies.
  1. volvic

    volvic Registered Member

    Joined:
    Aug 17, 2009
    Posts:
    220
  2. Techfox1976

    Techfox1976 Registered Member

    Joined:
    Jul 22, 2010
    Posts:
    749
    Does it block the exploit? No. That's the job of a patch. Trying to block things at the exploit level is a fruitless and failing job.

    Does it prevent the exploit from successfully loading a virus or trojan or other threat onto your computer? Most of the time, and more times than others, and if it doesn't block it immediately, it can still remove it afterwards with complete success.

    Patches are always the best answer for blocking, since the ones the article said blocked the exploit were only able to block the exploit in those lab tests and not in several other tests. Since exploits come a dime a dozen every week, trying to keep up with blocking exploits is pretty much useless. Blocking the stuff the exploit tries to do is much more effective.
     
  3. volvic

    volvic Registered Member

    Joined:
    Aug 17, 2009
    Posts:
    220
    Thanks techfox.
    Pity no one from prevx responded.
     
  4. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ volvic

    You could request they do so ;)
     
  5. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Sorry, I can't see every post :) Techfox's response is correct - we don't bother trying to block individual exploits, we take the entrypoint into account and then just block the threat itself. That's why WSA just whitelisted leak tests.
     
Thread Status:
Not open for further replies.