Techworld.com - Microsoft firewall could be security risk: "But if an installer can switch off Windows Firewall%2C so could an attacker%2C%0D%0Aargues Zone Labs%2C maker of the popular ZoneAlarm firewall. The company said%0D%0Aits own products are locked-down in such a way that third-party applications%0D%0Acan%27t disable firewall protection without uninstalling the software.%0D%0A%0D%0AMicrosoft admitted that%2C in some cases%2C malicious code could indeed switch%0D%0Athe firewall off. However%2C this isn%27t so much a flaw as a limitation on the%0D%0Arole firewalls should play in a company%27s security system%2C Microsoft said.%0D%0A%22An attacker could misuse that %28administrative%29 capability%2C%22 said Microsoft%0D%0Atechnical specialist David Overton. %22But you%27re already in a compromised%0D%0Astate%2C if you%27re at that point.%22 He said that Windows Firewall is designed%0D%0Ato stop malicious transmissions to the PC%2C rather than protecting the PC%0D%0Aonce it%27s been infected."
If malicious code makes it past the firewall, it is the role of anti-virus
software to protect the machine, Overton said. Likewise, it is not the
firewall's place to stop malicious code from sending outbound packets -
Microsoft argues companies should use perimeter technologies to examine
outbound traffic. "The firewall is a management process, not a silver
bullet," Overton said.
Brak komentarzy:
Prześlij komentarz