Protected – but 0wned: A Real-world Example of Today’s Desktop Security
by Anton Chuvakin on 04/05/07

Here is my account of an incident, which I initially mentioned here (http://chuvakin.blogspot.com/2007/04/answer-to-my-antivirus-mysteryquestion.html), with some details changed to protect the innocent, who was smart enough to call me for help.

What we have here is a fully patched Windows XP Professional SP2 system (with automatic updates to both Windows and Office set to daily) and also:

a) freshly updated (updates set to daily) and functioning Symantec Anti-Virus Corporate Edition version 10.X, configured with all protections, including spyware/adware (called “Security Risks” by the tool vendor)

b) freshly updated Windows Defender version 1.X (set for daily updates and Quick Scans), also configured with all protections, and

c) the latest ZoneAlarm free edition, version 6.X, with well-tuned outbound rules and, obviously, nothing allowed inbound.

