What is Exploit protection in Kaspersky Anti-Virus 2013

 

Kaspersky Anti-Virus 2013

 
 
 

What is Exploit protection in Kaspersky Anti-Virus 2013

Back to "General info"
2014 Jul 31 ID: 8019
 
 
 
 

What is exploit prevention

A new functionality to prevent and block exploit actions has been added to Kaspersky Anti-Virus 2013. This functionality protects your computer from malicious programs that use vulnerabilities in the most common applications, such as Adobe Reader, Internet Explorer, Firefox and etc. to perform their malicious actions in order to get control over computer, steal personal data and other.

Exploit Prevention functionality in Kaspersky Anti-Virus 2013 does the following:

  • Controls executable files started from vulnerable applications and web browsers (for example, an attempt to run an executable file by a program designed for viewing documents).
  • Controls suspicious actions of vulnerable applications (for example, if the rights of a running vulnerable application are exceeded and it writes itself into the other processes’ system memory).
  • Monitors previous program starts (for example, whether the program was started by the user or by an exploit).
  • Tracks a source of a malicious code (for example, a web browser that started download of an infected file; remote web address).
  • Prevents using application vulnerabilities.

Kaspersky Anti-Virus 2013 tracks executable files run vulnerable applications. If Kaspersky Anti-Virus 2013 detects an attempt to run an executable file from a vulnerable application that has not been initiated by the user, the application blocks the run (the user can select a different action to be performed upon threat detection). Information about blocking of the executable file run is logged in the Exploit Prevention report.

For maximum protection the lists of applications with detected vulnerabilities are updated together with Kaspersky Anti-Virus 2013 anti-virus databases.

How to configure exploit prevention settings

Be default exploit prevention in Kaspersky Anti-Virus 2013 is enabled. In order to enable/disable exploit prevention, do the following:

  1. Open the main application window.
  2. In the upper right part of the window click Settings button.

  1. In the Settings window go to the Protection Center tab and select System Watcher.
  2. You can modify the main Exploit prevention settings in the right part of the window:
    • Enable or disable the technology, by checking/clearing the box Enable Exploit Prevention.
    • Select an action upon threat detection by clicking Settings button.

You can select the following actions upon an attempt to run an executable file by a vulnerable application:

  • Select action automatically — Kaspersky Anti-Virus 2013 selects an action automatically. The value is available only in the automatic protection mode.
  • Prompt for actionKaspersky Anti-Virus 2013 prompts the user for action. The value is available only in the interactive protection mode.
  • Allow action — the application always allows running the file.
  • Block action — the application always blocks running the file from a vulnerable program.

  1. In the Settings window click the OK button.
  2. Close the main program window.
 
 
 
 
Was this information helpful?
Yes No
Thank you
 
 
 

Applies To:


 

 
 

How can we improve this article?

Your feedback will be used for content improvement purposes only. If you need assistance, please contact technical support.

Submit Submit

Thank you for your feedback!

Your suggestions will help improve this article.

OK