Webwasher 6.0.1 Anti-Malware User's Guide - McAfee
Webwasher 6.0.1 Anti-Malware User's Guide - McAfee
Webwasher 6.0.1 Anti-Malware User's Guide - McAfee
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Content Security<br />
4–22<br />
Windows Executables<br />
The Windows Executables section allows you to configure actions for Windows<br />
executables that are potentially malicious. These may be downloaded<br />
in a stand-alone manner or attached to e-mails.<br />
This code may be openly hostile, i .e. perform operations that are usually<br />
and primarily performed by hostile mobile code, e. g. usage of vulnerable<br />
functionality.<br />
The code may also perform only operations that are performed by all kinds of<br />
mobile code, i. e. including code that is not hostile. These operations may,<br />
however, open the door for hostile operations that are performed at a later point<br />
of time, e. g. write access to local files.<br />
You can configure actions with regard to all of these operations.<br />
You can also configure different actions according to whether the probability<br />
that the code in question will perform these operations is medium or high.<br />
If you want to use the options provided in this section, make sure the checkbox<br />
next to the section heading is marked. The checkbox is marked by default.<br />
After modifying this setting or any other setting in this section, click on Apply<br />
Changes to make the modification effective.<br />
Use the drop-down lists in the following areas to configure actions for Windows<br />
executables:<br />
• Operations primarily performed by hostile mobile<br />
In this area, select actions with regard to the:<br />
— Dynamic creation of program code<br />
This includes the programmatic evaluation of (formerly obfuscated) program<br />
code.<br />
— Usage of vulnerable functionality<br />
This functionality is located in the host environment, e. g. the Web<br />
browser or the Java VM.<br />
• Operations primarily performed by all kinds of mobile code<br />
In this area, select actions with regard to:<br />
— Read access to local files<br />
This includes the programmatic evaluation of (formerly obfuscated) program<br />
code.