WMI is the Microsoft implementation of Web-Based Enterprise Management (WBEM), which is an industry initiative to develop a standard technology for accessing management information in an enterprise environment. WMI uses the Common Information Model (CIM) industry standard to represent systems, applications, networks, devices, and other managed components. CIM is developed and maintained by the Distributed Management Task Force (DMTF).
WMI is a useful tool for system administration and computer management. However, WMI-related threats are a wake-up call to computing individuals. The need to inadvertently look at certain features of a system for potential damage rather than to better use it is critical in determining what new threat vectors cybercriminals may leverage. There is a thin line between restriction, security, and versatility that one always has to consider when serving one?s computing needs. To learn more about WMI, its advantages and disadvantages, and the mitigation methods that can be used to prevent threats from abusing WMI, read the paper "Understanding WMI Malware" posted at TrendWatch. http://us.trendmicro.com/imperia/md/content/us/trendwatch/researchandanalysis/understanding_wmi_malware__july_2010_.pdf Regards Sandeep Thakur -- You received this message because you are subscribed to the Google Groups "nforceit" group. To post to this group, send an email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nforceit?hl=en-GB.
