Following Microsoft Virus Scanning Advice May Push You In Danger (Security Alert)
Microsoft Support center recently releases a list of security recommendation to help its customer to speed up PC performance when they scan their PC for viruses and apparently this advice will boost your PC performance but that also bring some security threat issue. In their recommendation the Redmond base company ask their customer to stop checking Microsoft Windows Update or Automatic Update related files and Group Policy related files but in this way they also ask scanning of certain file extensions:
Exclude the following files:
- Edb*.logNote The wildcard character indicates that there may be several
files.- Res1.log. The file is named Edbres00001.jrs for Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2.
- Res2.log. The file is named Edbres00002.jrs for Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2.
- Edb.chk
- Tmp.edb
- The following files in the
%windir%security path should be added to the exclusions list:
- *.edb
- *.sdb
- *.log
- *.chk
Note If these files are not excluded, security databases are typically corrupted, and Group Policy cannot be applied when you scan the folder. The wildcard character indicates that there may be several files. Specifically, you must exclude the following files:
- Edb.chk
- Edb.log
- *.log
- Security.sdb in the
<drive>:windowssecuritydatabase folder
The said recommendations does not pose a significant threat as of now but it can be. This day Cyber-criminals are smart enough and will use this public massage as a way to spread their threat, they may strategically drop or download a malicious file into one of the folders that are recommended to be excluded from scanning or use a file name extension that is also in the excluded list.
It may be good to follow the advised recommendation but you have to be smarter when you exclude some file or folder from virus scanning as it may lead serious security hole and cyber-crimal may use that hole to exploit your system.
Related posts:
- Haiti Earthquake search may push you in danger (Security Alert)
- Fake McAfee Virus Remover Ahead – Beware (Security Alert)
- Follow Microsoft Security Advisory Tips To Fix Critical IE 0-Day Exploit (Security Alert)
- Security Essentials 2010 is a fake anitivirus (Security Alert)
- Microsoft Free Anti-Virus ‘Morrow’ coming soon
Join us in Facebook or in Twitter
More on: Security Alert
These are security loopholes worthy of putting into scrutiny. Vigilance must be practiced at all times.
Mathdelane´s last blog ..Join Software Critics’ $1,500US New Year Giveaway
You are right Mathdelane.
It seems as though Microsoft is always having security issues or loopholes in something they just released. I’m not bashing Microsoft, but it does seem fairly commonplace these days
Blogger Den´s last blog ..Best Resources To Find Free Stock Photos For Web Designers | W3Avenue
Microsoft provide most used OS and that’s why more people involve here to find a loophole than any other OS and may be that’s why we always blame Microsoft. As a programmer I know it’s hard to build most secure system. There is always a way to exploit something.
This is really a big concern. Security should be paramount.
Ruchi´s last blog ..How to use Digg Effectively to Promote Your Blog
Everybody should concern about security before applying any changes in their system but it’s hard to educate everyone.
This is somewhat illogical, offering updates when it is harmful to your computer. Might be better to use another software to scan for virus. I have not done a scan on my computer.
Marlene´s last blog ..Let It Be White
The problem is not the antivirus, the problem is the way the recommend to use it. It’s always a good idea to let antivirus scan the way it wants.