Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
VoodooShield
VoodooShield Latest
Message
<blockquote data-quote="ForgottenSeer 823865" data-source="post: 845901"><p>Windows is insecure by default since it's creation, why? </p><p>1- you are on admin account by default and will run almost everything on high privileges. Totally insane. Even SUA is just an admin account stripped of some privileges, not really a separate account. </p><p>2- too many useless services, interpreters and executables (LOLbins/LOLscripts) present by default which aren't even needed by average Joe. </p><p>3- it is popular and like any popular OS, it is more targeted.</p><p></p><p>Now, like me you can limit attack vectors by using built-in features (GPO, SRP, Applocker, etc...) or 3rd party security softs, most will be default-deny mechanism. </p><p>But all this will be useless if a dedicated attacker find kernel exploits (like Eternalblue) which can only be eradicated via an OS patch and nothing else. </p><p>Reason all security vendors never mentioned about stopping kernel exploit is just because they can't protect you against it, and if one say it does, be sure it is just blatant marketing BS.</p></blockquote><p></p>
[QUOTE="ForgottenSeer 823865, post: 845901"] Windows is insecure by default since it's creation, why? 1- you are on admin account by default and will run almost everything on high privileges. Totally insane. Even SUA is just an admin account stripped of some privileges, not really a separate account. 2- too many useless services, interpreters and executables (LOLbins/LOLscripts) present by default which aren't even needed by average Joe. 3- it is popular and like any popular OS, it is more targeted. Now, like me you can limit attack vectors by using built-in features (GPO, SRP, Applocker, etc...) or 3rd party security softs, most will be default-deny mechanism. But all this will be useless if a dedicated attacker find kernel exploits (like Eternalblue) which can only be eradicated via an OS patch and nothing else. Reason all security vendors never mentioned about stopping kernel exploit is just because they can't protect you against it, and if one say it does, be sure it is just blatant marketing BS. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
