Deactivating Endpoint Protection Software in an Unauthorized Manner

No ratings

Presented at DeepSec 2015 by

Matthias Deeg

Many endpoint protection software like antivirus or firewall software offer a password protection in order to restrict the access to management functionalities to authorized users only, for example to deactivate protection features temporarily. In this talk, it will be demonstrated how different popular, widely-used endpoint protection software products can be deactivated by low-privileged users or malware in an unauthorized manner.