New
#1
Microsoft's 'whitelist' helps hackers, says Trend Micro
VULNERABILITIES
By recommending that users exclude some file extensions and folders from antivirus scans, Microsoft may put users at risk, a security company said today.
In a document published on its support site, Microsoft suggests that users do not scan some files and folders for malware as a way to improve performance in Windows 2000, XP, Vista, Windows 7, Server 2003, Server 2008 and Server 2008 R2. …
Among the files and folders Microsoft tells users to excludeare those associated with Windows Update and Group Policy, and files with the .edb., .sdb and .chk extensions contained within the "%windir%\security" folder. Trend Micro took exception -- not with the list itself, butwith
Microsoft making it public. … David Sancho, a malware researcher with Trend Micro…argued that the list
could be a boon to hackers. [Date: 21 December 2009; Source:
Morehttp://www.computerworld.com/s/article/9142571/