SecureAPlus Forum
Forum Support => Software Problems and Questions => Topic started by: bellgamin on March 20, 2020, 02:10:13 PM
-
At Wilders forum's thread about SecureAPlus (https://www.wilderssecurity.com/threads/secureaplus-vs-voodoo-shield.376396/page-3#post-2903657) (SAP), it is alleged that:
A) SAP is somewhat weak against Scriptors (e.g. worms).
B) SAP does not check those areas of the computer where persistent values might exist that cause malware to restart on computer reboot. (That is, areas like the Registry, or Roaming, etc).
QUESTIONS:
1) What protection does SAP now provide against Scriptors?
2) What surveillance & protection does SAP now exercise relative to start-up entries in Registry & Roaming, etc.?
3) Does SAP plan to increase its level of protection relative to the issues listed in paragraphs A & B above? If so, approximately when will this occur?
-
1) SAP has protection against script, and it is configurable.
You may refer to: https://support.secureaplus.com/how-do-i-choose-to-associate-file-script-extension-types-to-script-interpreter/
2) Although SAP doesn't protect the registry directly, but it can protect a malware that register as start-up.
Here is the example: http://secureaplus.secureage.com/download/Winrar.zip
It is based on true vulnerability found in Winrar, which allow the attacker to put his code as a startup program:
https://www.slashgear.com/19-years-old-winrar-vulnerability-leads-to-over-100-malware-exploits-16569928/
-
Thanks, hendy!!! Excellent links. Very reassuring.