A major centralised administration server update for Dr.Web Enterprise Security Suite and Dr.Web Industrial
All the news | News on Dr.Web products | News on update
The update package will also deliver other tweaks and feature upgrades. Those include additional functional analysis criteria for Dr.Web Enterprise Security Suite and Dr.Web Industrial:
- In the “Application launch” category, Dr.Web can be set to stop office suite programs and mail clients from creating child processes. This can reduce the risk of infection via malicious documents and emails without interfering with the user experience.
- In the “Launch of script interpreters” category, new rules are available to prevent scripts from being run from office suite apps and email clients and to block certain AutoIt, JavaScript and Python scripts. These restrictions will protect systems from cyberattacks that leverage script interpreters and help prevent dubious automation routines from being created.
- The “Driver loading” category can now be used to prevent non-WHQL drivers from being installed. This option ensures that unsigned modules can't be used and potentially dangerous code won't be loaded into the kernel.
The updated set of rules provides cybersecurity administrators with additional flexible tools for preventing malicious activity and increasing their infrastructure’s resilience in the face of modern threats.
The update also addresses a number of identified issues, which include:
- A Dr.Web server update error that could occur in systems with limited CPU and memory capacity.
- An issue preventing the repository product “Content filter databases for UNIX” from being updated if the “Update only bases” option was enabled in the Control Center’s Update restrictions section.
- Possible interference with routine DNS response cache updating.
A detailed changelog is available here.