By recommending that users exclude some file extensions and folders from antivirus scans, Microsoft may put users at risk, a security company said today.
In a document published on its support site , Microsoft suggests that users do not scan some files and folders for malware as a way to improve performance in Windows 2000, XP, Vista, Windows 7 , Server 2003, Server 2008 and Server 2008 R2. "These files are not at risk of infection. If you scan these files, serious performance problems may occur because of file locking," Microsoft states in the document.
Among the files and folders Microsoft tells users to exclude are those associated with Windows Update and Group Policy, and files with the .edb., .sdb and .chk extensions contained within the "%windir%\security" folder.
Trend Micro took exception -- not with the list itself, but with Microsoft making it public. "Although it actually makes sense to stop checking Windows Update and some Group Policy-related files if you really want to speed up the system, we are concerned by the fact that this was released publicly," said David Sancho, a malware researcher with Trend Micro
No comments:
Post a Comment