D+ and exploit


What is the comodo defense for the exploit? files with the pdf extension or xml extension.


If we have a unknown virus with (.exe) suffix, will be run in Sandbox. But this will not happen for viruses with (.pdf) or (.jpg) suffix, and PC will be infected.

once i saw a pdf in the sandbox. but i used it just a moment.

its an interesting question. additional i would like to know, what happens if the “reader program” is not running in the sandbox, but “the file to be read” is new. what will the sandbox do if i open this file with the unsandboxed reader?

No reaction :wink:

D+ and Sandbox, reaction only to Applicable files with suffix the (.exe) or (.scr).

CIS will respond when a script is being run from a PDF file. You should be getting an alert.

CIS will respond If the antivirus does detected it. But if not detected by antivirus, D+ and Sandbox do not respond.