Author Topic: MS bypasses host files (Read 3745 times)

polonus · « **on:** April 16, 2006, 07:59:10 PM »

Hi malware fighters,

Microsoft bypasses lookups to hostfiles to enable its AV-solution has advantage over other AV-solutions. Read here:
http://yro.slashdot.org/article.pl?sid=06/04/16/1351217&from=rss

polonus

DavidR · « **Reply #1 on:** April 16, 2006, 08:33:29 PM »

So much for trustworthy computing

bob3160 · « **Reply #2 on:** April 16, 2006, 09:13:28 PM »

Actually, all they've done is to make sure that updates of MS products wouldn't be blocked by Malware.
Unfortunately that still doesn't guarantee that the user will update his/her system when updates are available and needed to keep the system secure.
I think that's what most of the problem with all the infected systems is right now.
It again proves the old adage that "You can lead a horse to water but you can't make it drink."

CharleyO · « **Reply #3 on:** April 16, 2006, 09:18:54 PM »

***

I think Bob has a good point and ......

Besides that, MS AV nor AS (Defender products) are not that good as for any other such product/company to worry about this.

Of course, there could be other implications in this.

***

DavidR · « **Reply #4 on:** April 16, 2006, 10:26:10 PM »

But why does msn.com fall into this catch all and why not other AV and security sites ?

I suggest that you read the original information http://www.securityfocus.com/archive/1/431032/30/0/threaded, which gives I feel a greater insite into the issue.

It is just the undocumented and to me underhand way it is done that is the issue, not just MS's method, well intentioned or otherwise.

polonus · « **Reply #5 on:** April 16, 2006, 10:33:45 PM »

Hi DavidR,

Yes, that is what is annoying to me, is that MS is always ready to somewhat bend the rules. Is n't it with protocols, then it is here, uncommented, often not verifyable, until someone finds it up. Not that other parties do not do it, but MS really has a history in this field.

polonus

bob3160 · « **Reply #6 on:** April 16, 2006, 11:11:24 PM »

Quote

But why does msn.com fall into this catch all and why not other AV and security sites ?

Maybe because it's Microsofts operating system?

polonus · « **Reply #7 on:** April 16, 2006, 11:28:44 PM »

Hi bob3160,

Rightly so, and I agree with you there. But there is room for exploit there, and that is the scary bit, nothing to do with Microsoft though, read here:
http://www.milw0rm.com/exploits/641

And this brings down considerably benefits of XP SP2, where the feature we discuss here in this thread appeared for the first time.
It is just what we have to say over and over again: "the benefits for the one party are often to the disadvantage of another".

polonus

DavidR · « **Reply #8 on:** April 17, 2006, 12:29:18 AM »

Quote from: bob3160 on April 16, 2006, 11:11:24 PM

Quote
But why does msn.com fall into this catch all and why not other AV and security sites ?
Maybe because it's Microsofts operating system?

The same, 'because it's microsoft's OS' and they can do what they want caused anti-competitive issues in the US and big fines in Europe.

Author Topic: MS bypasses host files (Read 3745 times)

polonus

MS bypasses host files

DavidR

Re: MS bypasses host files

bob3160

Re: MS bypasses host files

CharleyO

Re: MS bypasses host files

DavidR

Re: MS bypasses host files

polonus

Re: MS bypasses host files

bob3160

Re: MS bypasses host files

polonus

Re: MS bypasses host files

DavidR

Re: MS bypasses host files