This link: http://www.symantec.com/business/support/index?page=content&id=TECH171301
states that it will protect the following file types from being hijacked in the registry (shell open/shell load points protection) this is the quote:
The policy will protect the registry file associations for the following filetypes:
- .exe
- .com
- .bat
- .cmd
- .pif
- .scr
- .reg
However, in the actual hardening policy, the rule set (HIPS) [AC12] shows that it is configured to protect only 3 of the above - these are the three that are actually in the policy as supplied by Symantec.
My questions and/or comments:
* Are these accurate and perhaps based on current data showing the others aren't really at risk? (the others are no longer a concern or problem in today's computing world?)
* Is this a mistake in the above-linked documentation? (the document in the link lists several while the actual rule set has only 3 of them)
* Is this an error of omission in the policy or rule set itself? (is the linked document correct, and someone "forgot" to include the others?)