This file is not malicious in nature, but you can just imagine what could happen if someone did try to use this exploit. It would leave anyone using a Microsoft anti-malware application open. The same thing has happened in the past to both McAfee and Symantec and motivated both companies to lock down their processes and create additional watchdog services to keep an eye on things.
There is little detail on exactly what happens to create the interruption, but it our guess is that when scanning a JS file there are special commands that either create a loop for the scanner (through the interpreter) or that cause the scanner to turn off when the file is scanned. Either way it is a bad thing to have happen, but not that difficult to patch. With some of the more intrusive malware we have seen entire processes replaced or the registry keys removed. When the process is replaced it is with a hacked version of the executable. This makes the system think that everything is running when it is actually not. For key removal the system looks like it is installed, but is not running.
All anti-malware companies really need to step up their game and find better ways to protect end users’ systems. The threats are evolving much faster than they can keep up even and that puts their clients at risk in many ways. Microsoft will push the patch out soon so most users will get it through automatic updates done to their systems. For corporate users, they will want to make sure their servers are up-to-date and that they push out the updated clients to their networks.
Tell us what you think in our Forum