I need a solution
I was playing around testing SEP's funtionality today when i stumbled across the fact that my clients are not protected against commands executed from a CMD shell or from within powershell.
If you drop the following into a command prompt you will see
powershell-command"& { iwr http://www.eicar.org/download/eicar_com.zip -OutFile c:\users\admin\eicar.zip }"
Am i missing something from my SEP policy.?
Further details here http://rangler.co.uk/symantec-antivirus-back-door-advisory/