Обновление движка в Symantec/Norton AntiVirus

[Сергей Ильин 1538]

Наткнулся на интересный пресс-релиз на сайте Symantec от 17 января, в котором говориться об обновлении антивирусного движка.

На большую новость это не тянет, поэтому публикую здесь.

В кратце как я понял, вышел инкрементальный технологический апдейт антивирусного движка, который позволяет лучше бороться с категорией вирусов "stealth", не детектируемых обычными методами.

Новый движок работает на уровне ядра ОС и может защищать от вирусов, которые пытаются скрыть свое присутствие в системе.

По сути речь идет о внедрении у Symantec технологии борьбы с руткитами. :yes:

Пользователи Norton Internet Security 2006, Norton AntiVirus 2006, Norton SystemWorks 2006, Symantec AntiVirus Corporate Edition 10.0, и Symantec Client Security 3.0 должны были получить этот апдейт автоматом.

*****************************************************

Symantec Corp. announced the delivery of product technology updates to its consumer and enterprise antivirus solutions, providing users with expanded protection against stealth computer threats. These updates are the first incremental technology updates Symantec has brought to its consumer solutions. Prior to the release of the 2006 product line, new technology was delivered to consumers with new product versions annually.

Customers using Norton Internet Security 2006, Norton AntiVirus 2006, Norton SystemWorks 2006, Symantec AntiVirus Corporate Edition 10.0, and Symantec Client Security 3.0 received an updated antivirus scanning engine automatically through their products' LiveUpdate feature throughout December. Users also received new Auto-Protect Spyware Blocking after being notified of a "critical update" and provided with instructions on how to manually download the package.

"In order for Internet security solutions to be effective, they must keep pace with the rapidly evolving threat environment," said Enrique Salem, senior vice president, security products and solutions, Symantec Corp. "By being able to deliver product updates such as these, we are providing our users with the assurance that their Symantec security solutions have the latest technology needed to keep them safe and secure online."

The updated antivirus scanning engine now removes many of today's most stubborn threats from home and enterprise computer systems through its new driver technology. The engine works before the operating system loads - in kernel mode - and protects users against malicious code that attempts to hide from current scanning methods. By operating in the kernel mode, the engine can open locked files, bypass programs running in the computer's user mode, and initiate repairs during the system boot cycle.

Much like an airport x-ray machine can look inside luggage and identify items that security guards are unable to see, the new antivirus scanning engine can look deep inside a computer system to handle malicious code, adware, and spyware that are hidden from users by stealth technology.

The updates also include new Auto-Protect Spyware Blocking, which enhances Symantec's ability to handle non-viral security risks by blocking spyware and adware applications before they are installed on a user's system.

http://www.symantec.com/about/news/release...rid=20060117_02