Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Comodo
Kaspersky Antivirus PROTECTED Comodo from an EXPLOIT!
Message
<blockquote data-quote="Andy Ful" data-source="post: 1105757" data-attributes="member: 32260"><p>There are probably more AVs that can protect against this exploit. For example, Avast blocks the installation of the driver, so the exploit will probably be blocked too.</p><p>Microsoft Defender can block it via the ASR rule related to vulnerable drivers.</p><p>The Windows default driver's policy also blocks the driver on Windows 11 (23H2).</p><p>Kaspersky created the TDSSKiller required in this attack, so it is not an accident that it can block the exploit.</p><p></p><p>Edit.</p><p>In the video (Windows 10) the driver's policy does not block the driver, so the exploit will work. The probable reason can be disabled Core isolation.</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 1105757, member: 32260"] There are probably more AVs that can protect against this exploit. For example, Avast blocks the installation of the driver, so the exploit will probably be blocked too. Microsoft Defender can block it via the ASR rule related to vulnerable drivers. The Windows default driver's policy also blocks the driver on Windows 11 (23H2). Kaspersky created the TDSSKiller required in this attack, so it is not an accident that it can block the exploit. Edit. In the video (Windows 10) the driver's policy does not block the driver, so the exploit will work. The probable reason can be disabled Core isolation. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
