InfoWorld - Security Adviser: Windows 7 security primer, part 3

/Home/Internet Security: Blogs/Internet Security: InfoWorld blog/InfoWorld: Security Adviser 2010

AppLocker wards off Trojan attacks by preventing users from launching forbidden files and apps

By Roger A. Grimes
January 22, 2010

Malicious Trojans continue to plague end-users' desktops, yet most machines aren't exploited due to missing patches (although this is the second biggest cause), unpatched zero days (almost never a factor), drive-by downloads, or misconfigurations. Nope, most systems are infected because users are duped into intentionally installing programs that Web sites say they need. These socially engineered Trojans come in the guise of anti-virus scanners, needed codecs for a media player, fake patches, and just about any other bait the bad guys can concoct to lure end-users into installing their Trojan file.

The most effective means of thwarting these types of threats in an enterprise environment is preventing end-users from installing unapproved programs. If you leave the decision up to end-users, they will almost always make the wrong choice. If they didn't, malware wouldn't be nearly as popular as it is today.

Click the URL above to read the full article