I thought this was an interesting read:

http://www.informationweek.com/story/showArticle.jhtml?articleID=54800003

Just one more reason why I use avast! ;D

Yeah, the free avast version has no script blocking, so I guess we are safe ;D ;D ;D ;D ;D

Well,

not that I like Norton, but:

• you need to RUN the script first
  → if you click on dubious software/Code (or have your browser open it automatically for you) ;D

Then there’ll always be some piece of malware that gets by your (single or multilayered) “protection” as in Scanners/Tools

My two and so far sufficient “layers”: Configure & Think

Do you really think that avast is protected?
I think you can disable - with administrator rights - ashserv.exe as easy as NAV :-\

Well of course…

any malicious user or (in)decent malware activated/running under admin can kick your protection, that’s the meaning of admin = root = superuser, isn’t it ?

The point with this symantec-bug (afaiui) is that NAV’s script-protection should detect-as-malicious & block this (WMI…?-)Script after it’s downloaded/clicked, but before it’s activated, which seemingly NAV doesn’t achieve

It boils down to: a Scanner/Tool can’t protect you (or itself), if it doesn’t detect a specific malware

And this is not going to change anywhen in the foreseeable future…

So: → don’t click/download/activate (potential) malware
;D ;D

Another solution (please correct me if im wrong)

Would be not to log in as admin

–lee

quite correct, lee…

But there’s a dilemma

• most XP-Users surf as admin
• and some software won’t really run properly under user/restricted rights (maybe one shouldn’t use this soft then)
  

This is the reward for the ones who promisse a lot and do not carry out what have promissed
This is the reward for users that trust that much in the marketing of the big companines