Symantec Says Windows Is a Security Risk

robjvargas

Rob J. Vargas
Banned
Joined
Dec 9, 2011
Messages
6,543
Reaction score
511
This should tickle a few techies out there.

My employer uses Symantec Endpoint Protection for antivirus (Like Norton, with with a few extras). Recently, I (as the administrator) got the following notification:

At least one security risk found:

Risk name: Microsoft® Windows® Operating System
File path: c:\windows\system32\svchost.exe
Event time: Jun 30, 2014 8:06:42 AM
Database insert time: Jun 30, 2014 8:46:26 AM
Source: Heuristic Scan
Description: ""
User: SYSTEM
Computer: <redacted>
IP Address: <redacted>
Domain: Default
Server: <redacted>
Client Group: <redacted>
Action taken on risk: Left alone
This alarm was generated at Jun 30, 2014 9:30:50 AM (Reporter host Time).
This alarm was generated by <redacted>, with the following filters:

<redacted>

Symantec Endpoint Protection detected a new risk on client computers.

In all seriousness, the antivirus detected a change in svchost.exe that wasn't in its signature database yet. I saw the affected computer download new definitions later in the day and the alert went away.

But I can't help giggling when I see Windows declared a security risk. Sometimes, the truth will not be imprisoned. :roll: