-- Eko Sulistiono MIKRODATA & AntiVirus Media Web: http://www.mikrodata.co.id/ WAP: http://www.mikrodata.co.id/wap/index.wml This message contains no viruses. Guaranteed by AVP.
Yesterday I received my new laptop with a default installation of Microsoft Windows ME and the Norton Antivirus 2001 product. Durring a short test I accidentally stumbled upon a possible security problem with NAV. Overview: If you place a virus or other known malware in the c:\_RESTORE folder (apparently default on Windows ME) Norton Antivirus will not scan that folder in a "full-system" scan. This seems to be Symantec�s poor choice not to scan such files? However if you manually scan C:\_RESTORE NAV will find the infected file but won�t be able to delete, repair nor quarantine the file? This could lead a malicious user to drop files into the restore folder - there�re a few obvious ways to exploit this. Eventually this can be tested by booting from a dos and copy a virus to c:\_RESTORE. The test will show that NAV2001 will indeed detect the virus but will be unable to do further. This just might be a even bigger issue and could be Windows ME based and therefore leaving other AV-products vulnerable. Does anybody have further information regarding this possible security bug? I have contacted Symantec this morning but still no reply. Kind regards Peter Kruse www.virus112.com
------------------------------------------------------------------------ Forum Komunikasi Penulis-Pembaca MIKRODATA (FKPPM) Informasi : http:[EMAIL PROTECTED] Arsip : http://www.mail-archive.com/forum%40mikrodata.co.id/ WAP : http://mikrodata.co.id/wap/index.wml Milis ini menjadi kontribusi beberapa rubrik yang diasuh tim MIKRODATA. Termasuk rubrik-rubrik yang ada di media lain. Memakai, Menyebarluaskan, dan Memperbanyak software bajakan adalah tindakan kriminal. Please check with the latest AVP update before you ask about virus: ftp://mikrodata.co.id/avirus_&_security/AntiViral_Toolkit_Pro/avp30.zip
