Re: Windows Defender Security Centre
Indeed. Off the shelf obfuscation tools are effective against a lot of AV as they are just using hashes of sections of code.
Heuristics aren't great either. Watching something I know is malware get past an AV sandbox makes me cynical.
Still I suppose they do the best they can without changes to basic OS and hardware environments. Balancing usability with security and all that.
Seen the SMM exploits? SMM rootkits are a thing now. Yay.
|