The Network Security. Org

Ever wonder why Windows File Protection doesn't use ACLs to protect files?

Over the years I have cringed at the thought that rogue elements could overwrite system binaries, bypassing Windows File Protection with use of tools like SysInternal's handle.exe. I always wondered WHY they didn't have tighter ACLs on the files, and today Raymond explains why.

Apparently they tried that. And it didn't work well. Software installers had a nasty problem in which they didn't like being told they can't overwrite a file, and would fail miserably. Microsoft's solution? Let the copy happen, and then overwrite the installer's changes with the original trusted file later. Dana Epp's ramblings at the Sanctuary: Ever wonder why Windows File Protection doesn't use ACLs to protect files?

More News

• Apple releases another mega-patch for Mac OS X
  



• Security flaw in smart cards poses risk for transit, building access
  



• Free TrojanProof Password Tool Released for Windows
  



• Security scans with OpenVAS
  



• Do ISPs pose a bigger online privacy threat than Google
  



• HTTPS Cookie-Hijacking Tool CookieMonster Gobbles Personal Data
  



• Anatomy of a botnet
  



• Microsoft patches 8 critical bugs in Windows, Office
  



• Virtualization users should expect more attacks
  



• Threat From DNS Bug Is not Over, Experts Say
  



• Website infection rate triples
  



• How to Use Honeypots to Improve Your Network Security
  



• Microsoft Patch Tuesday Targets 26 Application Flaws
  



• SSL VPNs might not be as secure as you think
  



• 8 tips to filter spam effectively
  



• Onus on IP address owner to prove innocence
  



• How to install an SSH Server in Windows Server 2008.
  



• Several vulnerabilities closed in the Linux kernel
  



• 8 Best Practices for Encryption Key Management and Data Security
  



• Free Honeypot Client Could Sting Malware