Jump to content
alasmi8

Request new feature to ESET Smart Security Premium

Recommended Posts

Hi,

if this wrong section , don’t deleted it just move it to correct section i’m a newbie in this forum

 

I want to request new feature to ESET Smart Security Premium 

the feature is : Folder shield 

like this :

15648092031.jpeg

 

+ Protect all connected USB drivers

if you accept my request , i will buy eset smart security for 1 PC (even if price reach 100$)

 

thanks.

Share this post


Link to post
Share on other sites

There is a pinned topic "Future changes to..." in each product's forum where users can post proposals for improvements and changes.

Regarding Folder Shield, this is not the way we would like to go since current competitive solutions are more-less trivial and unreliable.
https://www.bleepingcomputer.com/news/security/researcher-bypasses-windows-controlled-folder-access-anti-ransomware-protection/

You can use HIPS rules to control which applications can write to specific folders, however, malware could inject into trusted processes and make changes in protected folders anyways. Or the same could be accomplished by macros in documents that are opened by trusted processes (Office applications).

Share this post


Link to post
Share on other sites
Posted (edited)

Folder sheild is best way to protect folders from ransomware

i think ESET developers can prevent malware from inject to any trusted processes , prevent macros too

then what i should do ?

 

download this https://qpdownload.com/folder-shield-extra-security/

 

or using trend micro anti virus folder sheild ?

Edited by alasmi8

Share this post


Link to post
Share on other sites
2 hours ago, alasmi8 said:

Folder sheild is best way to protect folders from ransomware

i think ESET developers can prevent malware from inject to any trusted processes , prevent macros too

then what i should do ?

 

download this https://qpdownload.com/folder-shield-extra-security/

 

or using trend micro anti virus folder sheild ?

The problem is what happens when that program gets hacked then infected. Best example of this is the ccleaner incident a few years back when someone managed to infect ccleaner. The problem is it is a well used and often respected program but if it was marked as trustworthy that could cause issues

Share this post


Link to post
Share on other sites

You can make custom HIPS rules to protect folders.

 

Share this post


Link to post
Share on other sites
Posted (edited)

A penetration testing concern tested Windows Defender controlled folders for bypass capability last year: https://www.nyotron.com/wp-content/uploads/2018/04/Nyotron-Windows10-Report-April-2018.pdf .

To dispel a few myths, WD controlled folders held its own against common code injection techniques against its default allowed processes, Such was not the case for any user created whitelisted processes. However and pointed out in the article, most users would probably not create any. Such was not the case however in regards to advanced code injection techniques such as APC based code injection, WMI based, and Word Macro based. The question is how Eset's HIPS mitigated protected folders would fare against the same.

Then there is the case of malware based privileged escalation techniques. Well if employed and directed against WD controlled folders, assume all your files will be encrypted. Since this article was written prior to Win 10 1903 WD tamper protection feature, maybe the article noted system modifications would not be possible. I certainly hope so for users relying on WD controlled folders protection.

Edited by itman

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...