Any antivirus or antispyware ever attack one of its own files? Maybe NAV killing NPF? I wonder how the AVs prevent that from happening, considering some of the methods they use in the software.
Gene Giannamore Abide International Inc. Technical Support 561 1st Street West Sonoma,Ca.95476 (707) 935-1577 Office (707) 935-9387 Fax (707) 766-4185 Cell [EMAIL PROTECTED] -----Original Message----- From: Phil Brutsche [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 12, 2008 10:17 PM To: NT System Admin Issues Subject: Re: AVG released BAD update I bet it would be a better idea to verify the signature - ask Microsoft for the public portion of their X.509 signing key to verify the integrity of system files. The AV package would use it's own copy of Microsoft's public key since it would have no way of knowing if the key store was somehow compromised. Ben Scott wrote: >> I wonder why the AV companies don't find a better way to prevent >> something like this, do not delete digitally signed files, something. > Anything they did, the attackers could do, too. > > You're asking for the inverse of the "evil bit" defined in RFC-3514 > -- a "good bit" that can be set on files that aren't dangerous. -- Phil Brutsche [EMAIL PROTECTED] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
