Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Microsoft: MSE safe from Windows kernel hook attack


13 May 2010   #1

Windows 7 Ultimate x64, Mint 9
 
 
Microsoft: MSE safe from Windows kernel hook attack

Microsoft: MSE safe from Windows kernel hook attack

Quote:
Microsoft Security Essentials (MSE), the software giant's free antimalware solution, is one of the few products that is not affected by the recently rediscovered method for disabling security software on Windows. MSE does not use SSDT hooks, so its real-time protection cannot be disabled via this method.
When the report was first published, we noticed that MSE was not on the list of affected products and contacted Microsoft for clarification. "Microsoft is aware of research published by Matousec and we are investigating the issue," a Microsoft spokesperson told Ars. "Based on available information, we do not believe our products are affected due to the design of our real-time protection. We are working to confirm this."
Source: Microsoft: MSE safe from Windows kernel hook attack


~Lordbob

My System SpecsSystem Spec
.

13 May 2010   #2

Windows 7 Ultimate (32 bit)
 
 

What you mean MS Security Essentials does something better than all the rest of the Antivirus software.
I'm sure this will not reach the national media.
And I'm sure the lovers of all those other antivirus software won't say a word how really good MS Security Essentials reallt is.....
I just love MSE.
My System SpecsSystem Spec
13 May 2010   #3

W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE
 
 

From what I read here:

New Attack Bypasses Anti-Malware Protection [Update] - Security Watch

MSE may be unique in this respect, but unless I have a problem, I'm not going to use it.
My System SpecsSystem Spec
.


13 May 2010   #4

Windows 8.1 Pro w/Media Center 64bit, Windows 7 HP 64bit
 
 

Quote   Quote: Originally Posted by seekermeister View Post
From what I read here:

New Attack Bypasses Anti-Malware Protection [Update] - Security Watch

MSE may be unique in this respect, but unless I have a problem, I'm not going to use it.
From reading the above article it seems that 64bit systems were not tested and because MS uses Patch Guard on 64bit systems to prevent kernel hooks this attack probably wont work on 64bit systems. Thats was one of the main reasons I chose Win 7 64bit instead of the 32bit version.

Jim
My System SpecsSystem Spec
13 May 2010   #5

Windows 7 Ultimate 64-bit
 
 

Quote   Quote: Originally Posted by seekermeister View Post
From what I read here:

New Attack Bypasses Anti-Malware Protection [Update] - Security Watch

MSE may be unique in this respect, but unless I have a problem, I'm not going to use it.
Not unique. McAfee, Norton and Kaspersky all patch the kernel like crazy under x86. Under x64 the are supposed to use the new APIs because of PatchGuard. According to Wikipedia "Antivirus software made by competitors ESET,[17] Trend Micro,[18] Grisoft AVG,[19] and Sophos does not patch the kernel."

This information is somewhat specious because we're not sure which versions we're talking about and whether these lists are inclusive.

Either way MSE is easily the most compatible with 7 and it's performance is only getting better.
My System SpecsSystem Spec
14 May 2010   #6

Windows 7 Home Premium 64 bit
 
 

Quote   Quote: Originally Posted by IggyAZ View Post
What you mean MS Security Essentials does something better than all the rest of the Antivirus software.
I'm sure this will not reach the national media.
And I'm sure the lovers of all those other antivirus software won't say a word how really good MS Security Essentials reallt is.....
I just love MSE.
Agreed. I was sceptical but now I'm sold on MSE
My System SpecsSystem Spec
14 May 2010   #7

7 Ultimate x64, Vista Ultimate x64, 7 Pro x64, XP Pro x86, Linux Mint Nadia Cinnamon
 
 

Aha, another reason never to give up my MSE.
My System SpecsSystem Spec
14 May 2010   #8

Win7 Home Premium 64x
 
 

good to know. I had been wondering about this for a few days since that other article had been posted. thanks Lordbob75
My System SpecsSystem Spec
14 May 2010   #9

Windows 7 Professional x64 SP1
 
 

Thank God I chose MSE for my anti-malware solution on my netbook.
My System SpecsSystem Spec
14 May 2010   #10

Windows 7 Ultimate x64, Mint 9
 
 

Quote   Quote: Originally Posted by Thorsen View Post
good to know. I had been wondering about this for a few days since that other article had been posted. thanks Lordbob75
No problem. There are not always follow up articles, but in this case there was.
There is a follow up to another one, with a rather sadder ending.

~Lordbob
My System SpecsSystem Spec
Reply

 Microsoft: MSE safe from Windows kernel hook attack




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 11:37 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33