0 Replies Latest reply on Jun 12, 2009 6:32 PM by wgs77

    VSE 8.7 patch 1 - Question regarding Whitelisting of Java Script

      Hi,

      I have a question regarding McAfee VSE 8.7 Patch 1.

      VSE 8.7 patch 1 has a new functionality to allow web pages to load faster in browsers by not scanning Java Script for any url which is whitelisted (as being safe) in Mcafee dat files.

      Mcafee's explanation of the solution to the Patch 1 false positive issue is that they disabled the whitelisting of Java Scripts
      in the dat files. This solves the VSE 8.7 patch 1 issue of false positives because of an undisclosed problem with Patch 1's new functionality of white listing of Javascrips somehow conflicting with the entries in the dat files.

      Personally, I don't like whitelisting of Java scripts. I anticipate in the futue that Mcafee will decide to enable the whitelisting Java Script entries in the dats. Since many reputable web sites get hacked everyday, I view it as dangerous to not scan Java scripts in Whitelisted URL's that were safe yesterday but hacked today.

      Does anyone know of a way (perhaps through a registry edit), to make VSE 8.7 with Patch 1 permanently ignore any whitelisting of Javascripts in the dat files, so that VSE 8.7 will always scan 100% of the Java Scripts.

      Thanks,

      Bill