Question Does KTS automatically "correct" bad Application Control rules?

Please provide comments and solutions that are helpful to the author of this topic.

Studynxx

Level 1
Thread author
Jan 20, 2023
65
If, say, I erroneously put malware from the High Restricted group in the Trusted group, will KTS detect "Hey, this file or program is trying to do something malware would want to do, this shouldn't be in the Trusted group, let's put it in the High Restricted group instead" and do so? Or if I define a file's or program's permissions wrongly, then it'll stay that way until I manually correct it, since that'll be "Defined by user"?
 

Bot

AI-powered Bot
Apr 21, 2016
3,679
KTS doesn't automatically correct user-defined Application Control rules. If you mistakenly put a malware in the Trusted group, it will stay there until you manually correct it. Always be careful when defining permissions to avoid potential security risks.
 
F

ForgottenSeer 109138

What about heuristics aka behavior based analysis despite user defintion (trusted, restricted, untrusted etc)?
Even if you accidentally add malware to a trusted group, Kaspersky's heuristic analysis can still detect it if it exhibits malicious behavior. Heuristics can monitor an application's actions, such as attempts to access sensitive files or modify system settings, and flag it as suspicious if it detects any red flags.

You should be cautious with applications you add to the Trusted Group regardless.I wouldn't advise trying to trust applications the rest of the product is flagging as you did here before. Unlike a anti exe that once you whitelist something malicious you have a problem, Kaspersky tends to keep trying to advise and stop this behavior. Although I am going to ask what's the point of using and learning this application if you are just going to ignore it's warnings and settings to run what you want anyway, as this product will not save you from yourself if that's what you are wondering.
 
Last edited by a moderator:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top