Abstract: Disclosed are systems and methods for controlling opening of computer files by vulnerable applications. An example method includes: responsive to detecting creation by a source software application of a computer file on the user computer, determining a file access policy associated with the computer file based on one or more parameters of the computer file; responsive to detecting a request from a consumer software application to open the computer file, determining an application launching policy associated with the consumer software application based on one or more vulnerabilities identified for the consumer software application; determining a file opening policy associated with the computer file and the consumer software application based on the file access policy, the application launching policy, and respective priorities amongst the policies; and controlling opening of the computer file by the consumer software application according to the determined file opening policy.

Abstract: Disclosed are systems and method for controlling access to objects of an operating system using Access Control Lists (ACLs). An exemplary method comprises: generating, by a processor, one or more ACLs for objects of the operating system based on at least one access rule specifying the access mode to the object of the operating system to one or more users based on the one or more categories to which the objects belongs; intercepting a request from a user to access an object of the operating system; determining, by the processor, one or more ACLs associated with the requested object; and applying, by the processor, the determined one or more ACLs to decide whether to allow or deny access of the user to the requested object, wherein if one of the applied ACLs denies access to the object, the access will be blocked, otherwise the access will be allowed.

Abstract: Disclosed are a system and method for secure execution of script files. An example method includes providing a security container associated with a script interpreter, wherein the security container includes at least action limiting policies for the interpreter; detecting an attempt by the script interpreter to execute a script file; determining using the security container whether the script file is a trusted script file; allowing the script interpreter to execute a trusted script file; intercepting actions of the interpreter during execution of the script file; determining using the security container whether an intercepted action is permitted; when the intercepted action is permitted, determining using the security container whether any limitations are associated with the intercepted action; and when a limitation is associated with the intercepted action, applying the limitation to the intercepted action during the execution of the script file.

Abstract: Disclosed are systems, methods and computer program products for antivirus checking of files based on level of trust of their digital certificates. An example method includes obtaining a digital certificate of a digital signature of a file; determining validity of the obtained digital certificate; assigning a level of trust to the digital certificate based on the determined validity or invalidity of the digital certificate of the file; based on the assigned level of trust of the digital certificate of the file, determining what antivirus checking method to perform on the file; and performing the determined antivirus checking method on the file.

Abstract: Disclosed are systems and method for controlling access to objects of an operating system using Access Control Lists (ACLs). An exemplary method comprises: generating, by a processor, one or more ACLs for objects of the operating system based on at least one access rule specifying the access mode to the object of the operating system to one or more users based on the one or more categories to which the objects belongs; intercepting a request from a user to access an object of the operating system; determining, by the processor, one or more ACLs associated with the requested object; and applying, by the processor, the determined one or more ACLs to decide whether to allow or deny access of the user to the requested object, wherein if one of the applied ACLs denies access to the object, the access will be blocked, otherwise the access will be allowed.

Abstract: Disclosed are systems and methods for controlling opening of computer files by vulnerable applications. An example method includes: responsive to detecting creation by a source software application of a computer file on the user computer, determining a file access policy associated with the computer file based on one or more parameters of the computer file; responsive to detecting a request from a consumer software application to open the computer file, determining an application launching policy associated with the consumer software application based on one or more vulnerabilities identified for the consumer software application; determining a file opening policy associated with the computer file and the consumer software application based on the file access policy, the application launching policy, and respective priorities amongst the policies; and controlling opening of the computer file by the consumer software application according to the determined file opening policy.

Abstract: Disclosed are systems and methods for controlling opening of computer files by vulnerable applications. An example method includes: detecting a request from a software application to open a computer file on the user computer; determining one or more parameters of the file; determining a file access policy based on the parameters of the file, wherein the file access policy specifies at least access rights of the software application to the resources of the user computer; identifying vulnerabilities of the software application; determining an application launching policy for the software application based at least on the determined vulnerabilities, wherein the application launching policy specifies at least whether opening of the file is permitted or prohibited; and controlling opening of the file on the user computer and accessing of the computer resources by the software application working with the opened file based on the file access policy and application launching policy.

Abstract: Disclosed are systems and methods for controlling opening of computer files by vulnerable applications. An example method includes: detecting a request from a software application to open a computer file on the user computer; determining one or more parameters of the file; determining a file access policy based on the parameters of the file, wherein the file access policy specifies at least access rights of the software application to the resources of the user computer; identifying vulnerabilities of the software application; determining an application launching policy for the software application based at least on the determined vulnerabilities, wherein the application launching policy specifies at least whether opening of the file is permitted or prohibited; and controlling opening of the file on the user computer and accessing of the computer resources by the software application working with the opened file based on the file access policy and application launching policy.

Abstract: Disclosed are systems and methods for protecting electronic money transactions from fraud and malware. An exemplary method include scanning a computer to detect software objects associated with electronic money that includes at least one of a wallet configured to store electronic money, an electronic money generating application, and data including an interaction history with an electronic exchange for electronic money; identifying and adjusting electronic money security modules configured to provide data security to the detected software objects associated with the electronic money; and executing, by the adjusted electronic money security modules, at least one electronic money transaction involving the electronic money. In one aspect, the electronic money security modules include a wallet protection module, a malware detection module, and a traffic control module.

Abstract: Disclosed are systems, methods and computer program products for antivirus checking of files based on level of trust of their digital certificates. An example method includes obtaining a digital certificate of a digital signature of a file; determining validity of the obtained digital certificate; assigning a level of trust to the digital certificate based on the determined validity or invalidity of the digital certificate of the file; based on the assigned level of trust of the digital certificate of the file, determining what antivirus checking method to perform on the file; and performing the determined antivirus checking method on the file.

Abstract: Disclosed are a system and method for secure execution of script files. An example method includes providing a security container associated with a script interpreter, wherein the security container includes at least action limiting policies for the interpreter; detecting an attempt by the script interpreter to execute a script file; determining using the security container whether the script file is a trusted script file; allowing the script interpreter to execute a trusted script file; intercepting actions of the interpreter during execution of the script file; determining using the security container whether an intercepted action is permitted; when the intercepted action is permitted, determining using the security container whether any limitations are associated with the intecepted action; and when a limitation is associated with the intercepted action, applying the limitation to the intercepted action during the execution of the script file.

Abstract: Disclosed is a system and method for antivirus checking of native images of software assemblies. An example method includes for detecting malicious native images of a machine code, the method comprising: receiving a native image of the machine code; identifying a parent assembly, which was used to create the native image; determining whether the parent assembly corresponds to the machine code; and determining that the native image is malicious when the parent assembly does not correspond to the machine code.

Abstract: Disclosed are systems and methods for protecting electronic money transactions from fraud and malware. An exemplary method include scanning a computer to detect software objects associated with electronic money that includes at least one of a wallet configured to store electronic money, an electronic money generating application, and data including an interaction history with an electronic exchange for electronic money; identifying and adjusting electronic money security modules configured to provide data security to the detected software objects associated with the electronic money; and executing, by the adjusted electronic money security modules, at least one electronic money transaction involving the electronic money. In one aspect, the electronic money security modules include a wallet protection module, a malware detection module, and a traffic control module.

Abstract: Disclosed are system, method and computer program product for updating software programs on a computer. The system detects an attempt by an update process to execute on the computer and retrieves information about authorized category of software programs to determine whether the detected update process is authorized. When the update process is authorized, the system (i) designates the update process as trusted process, (ii) allows the update process to download on the computer an update object, (iii) and designates the update object as a trusted object. The system then detects an attempt by an installation process to install the update object, and determines from the policy whether the detected installation process is associated to authorized category and related to the trusted update process. When the installation process authorized and related to the trusted update process, the system allows the trusted installation process to install the trusted update object.