Trend Micro: Microsoft's whitelist suggestion helps hackers

Microsoft's recommendation that users exclude certain files and folders from antivirus software may put users at risk, says security company Trend Micro. In a nutshell, Microsoft posted a document suggesting that users do not have to scan for certain files and select system folders to avoid situations where "serious performance problem" could occur as a result of file locking.

Trend Micro took exception to this advice however, noting that "we are concerned by the fact that this was released publicly." David Sancho, a malware researcher with Trend Micro argued that the list could be a boon to hackers, as they may strategically drop or download a malicious file into one of the folders mentioned in the exclusion list. Sancho wrote that "Following the recommendations does not pose a significant threat as of now, but it has a very big potential of being one."

Andrew Storms, director of security operations at nCircle Network Security agreed that the recommendations given by Microsoft might not be a good idea. However, Storms doubts that the whitelist released by Microsoft would ultimately influence where hackers store their malware. 

For more on this story:
- check out this article at Computerworld
- check out this support article from Microsoft

Related Articles:
AV-Comparatives ranks the top proactive antivirus scanners
Microsoft reiterates rationale for free Microsoft Security Essentials
Cybercriminals making a fortune from fake security software
Gartner says enterprises are overpaying for antivirus software