Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Centerfold: Civil Engineering Firm "White Lists" Vulnerable Apps

When Patton Harris Rust & Associates found out that Microsoft's Windows MetaFile (WMF) had a security vulnerability that might be exploited for zero-day attacks, PHR&A's IT team quickly removed the offending WMF dynamic link library file from its application whitelist.

 
 

"We took the DLL and put it in an unauthorized group so it couldn't run," says John Loyd, vice president and director of information technology for PHR&A, a multimillion-dollar Chantilly, Va.-based civil engineering and consulting firm with commercial, state and federal government clients. The strategy let the company take the unsafe app offline before an attack could take place, he said. When Microsoft issued a patch for the WMF vulnerability, PHR&A re-listed the DLL as an approved application.

Today's whitelisting is a new spin on an old-school (and some might say paranoid) security method that spells out which applications specific users and user groups can run. So if a user tries to access an unauthorized application, or if a rogue executable gets through to a workstation, the whitelist software blocks it. Only the defined apps and executables can run, period.




  • 1