Comments on: There is no External http://blogs.mcafee.com/mcafee-labs/there-is-no-external Tue, 29 Nov 2011 07:51:20 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: newsoft http://blogs.mcafee.com/mcafee-labs/there-is-no-external/comment-page-1#comment-13149 newsoft Wed, 07 Nov 2007 18:27:06 +0000 http://blogs.mcafee.com/2007/11/05/there-is-no-external/#comment-13149 Most (if not all) personal firewalls and/or HIPS will prevent process injection by hooking at least OpenProcess() and/or WriteProcessMemory(). Other techniques could be used, especially if you are able to load a driver on the target, but still it prevents most existing malware to inject code properly. "Good" personal firewalls will prevent OLE scripting of IE, too. Most (if not all) personal firewalls and/or HIPS will prevent process injection by hooking at least OpenProcess() and/or WriteProcessMemory().

Other techniques could be used, especially if you are able to load a driver on the target, but still it prevents most existing malware to inject code properly.

“Good” personal firewalls will prevent OLE scripting of IE, too.

]]>