I posted? Anyway, thank you for the answer.
The answer is in the article that you posted:
"Simply by creating a Windows Registry key, an attacker could name the application he wants to hijack and then provide his own rogue DLL he'd like injected into a legitimate process."
Thank you for sharing.
Here's Fabian's response:
What Say Thee Emsisoft? DoubleAgent: Taking Full Control Over Your Antivirus
"I suggest having a quick read here:
There is really nothing else to add. Just some cheats trying to pass off publicly available knowledge as groundbreaking and original research."
Sorry for the confusion. Yeah, I was talking about application whitelisting in general. Popular Avast doesn't even have Hardened mode by default. Afraid of risks maybe?
That post referred to learning AppGuard - and not abuse of AppVerif.
Already covered at the very beginning of this thread:
Like itman stated in this post
DoubleAgent: Taking Full Control Over Your Antivirus
For starters, Application Verifier most likely is not even installed on your PC:
So, before worrying it's probably a good idea to check system32 and see if Appverif.exe and Appverif.chm are there.
Avast Hardened Mode, Kaspersky KSN, COMODO FLS, Webroot "Block any file unless it is specifically whitelisted," etc... is whitelisting based upon file reputation query. It is whitelisting "for the masses." Select radio button or tick a box to enable...
Popular Avast doesn't even have Hardened mode by default.