(Question) WSA Detection

Discussion in 'Prevx Releases' started by JCRUYFF, Oct 13, 2011.

Thread Status:
Not open for further replies.
  1. JCRUYFF

    JCRUYFF Registered Member

    Joined:
    Oct 27, 2009
    Posts:
    87
    Hi

    Does WSA protect us from Exploit and Vulnerabilities? Example: Windows Exploits/Vulnerabilities or Programs Exploits/Vulnerabilities?



    Thanks.
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    All of the above :)
     
  3. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    When an anti-malware program detects an object labeled as an "exploit," is that really a piece of malware that was installed on the system, or is it some kind of component that needs to be altered, or else it could be used maliciously.

    The terminology gets confusing because often classes of malware categorically overlap. There are rootkits that testers will drop on systems, and they know they are rootkits, and AVs block them and label them vastly different, often as trojan horses.
     
  4. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    It will be actual malware which is using the exploit in another program. We've considered doing what you've suggested - detecting old versions of software as "Exploitable" but it could end up causing user confusion instead so we just lock them down behaviorally very closely.
     
  5. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    Ah I see.
     
  6. JCRUYFF

    JCRUYFF Registered Member

    Joined:
    Oct 27, 2009
    Posts:
    87
    i hope in future version of WSA inclue vulnerabilities scan or detect old software as Exploitable , because the safest way to avoid a old software to get exploited is installing the new version of the software which contain the fix.
     
  7. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,770
    Location:
    Outer space
    You can use Secunia PSI to do that for free, and it has automatic updating for the vulnerable software ;)
     
Thread Status:
Not open for further replies.