Jump to content

Recent Blog Posting


Recommended Posts

In regards to this blog posting 'Everything you need to know about the latest variant of Petya,' great article.

However, I have a problem with one section:

What can I do to stay protected from this threat?

You should also block the execution of EXE files within % AppData% and % Temp%

Why doesn't the HIPS have a default "ask" rule for same? 

Link to post
Share on other sites
  • ESET Moderators

Hello ITman,

this would cause quite a lot of pop-up inquiries towards end users, what would bother them and not everyone is able to take the right decision in case of such inquiry.

There are many applications, which are upgraded automatically and are downloading and running the update packages from temp. 

Regards, P.R.

Link to post
Share on other sites

Hi Peter,

My comments where rhetorical in nature since I am well aware of what you posted.

Perhaps Eset should clarify in the blog posting what you posted. That is such recommended monitoring of stated directories will indeed cause alerts from valid process activity; especially during installation or updating activities. Or better yet as I have commented in another posting, Eset incorporate logic that allow like activity from valid system processes and fully vetted applications automatically and alert from all other processes.

Link to post
Share on other sites
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...