Importance of Self Protection...

Discussion in 'Prevx Releases' started by STV0726, Jan 15, 2012.

Thread Status:
Not open for further replies.
  1. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    Hey Joe, do you agree with this:

    " 'Self-protection' add-on modules are basically worthless, since once malware has taken control they simply become a war that can't be won and make the processor go into overdrive as a result, crippling the PC.

    The only effective way to protect a system is to not operate as an Administrator (Limited/Restricted user) and use filing system protections to limit access to the core MSE files and services themselves, which they've already done. "


    An MCC posted this on Microsoft Answers, and I cannot say I agree.
     
  2. opcode

    opcode Registered Member

    Joined:
    Dec 19, 2011
    Posts:
    37
    Location:
    united states
    If anything its always fun to watch which piece of code wins the battle for control! When it doesn't freeze the system, that is...
     
  3. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
  4. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    There have been privilege escalation exploits in the past within Windows which have broken past the account based restrictions. Once code reaches the kernel level all bets are off, but if we can prevent it from doing damage higher, it's still worthwhile in my opinion.

    The primary use for self protection, however, is to prevent users from disabling it or to prevent children from disabling protection, for example.

    I don't see it going away any time soon from Webroot or other security software :) Microsoft even encourages it with several kernel interfaces added in to Vista+.
     
  5. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    Well then, without naming names because that's not what I'm about, the MCC that said the quote either is not explaining what he means by "basically worthless" extensively enough, or he doesn't know as much as he claims to...

    ...it almost sounds like he's making an excuse for MSE so they don't have to get better, when in reality they do, very much so in fact, if they want their Windows 8 Defender full antimalware app to be worth its salt and not hacked up like a victim of Jason Voorhees.
     
Thread Status:
Not open for further replies.