To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Should svchost.exe be allowed to change files in protected folders? Dataguard

KINYW
KINYW Posts: 1 Security Scout
edited June 20 in Elements Endpoint Protection (EPP)

Hello, we are getting quite a lot of dataguard blocking svchost.exe to change files in protected folders. Is it best practice to allow svchost.exe to change the files in protected folders?

Comments

  • AndyF-PM
    AndyF-PM Posts: 12 Junior Protector

    While there are many valid uses of svchost.exe on a Windows computer, it can also be used to host malware in some cases.

     

    Because of this, it is not advisable to blindly allow that process to change files.

This discussion has been closed.

Categories