On Wed, Jun 6, 2012 at 7:19 PM, Ben Scott <[email protected]> wrote: > On Wed, Jun 6, 2012 at 4:53 PM, Kurt Buff <[email protected]> wrote: >> And, IMHO, more evidence that application whitelisting is really required... >> http://www.wired.com/threatlevel/2012/06/internet-security-fail/ > > So long as you're not using Microsoft's code signing infrastructure > as part of your whitelisting solution... > > -- Ben
But of course - there are several alternatives for that, though. Using your own PKI, or using 3rd party hashes (CERT and I think SANS have them) would be better. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
