If MetaDefender Core does not support a sandbox scanning model (sandbox or a container that runs in a quarantine mode), it means that, while scanning threats, the files will be extracted to disk, and infected files can compromise the Core-System. Is it correct?
Answer: Writing a malicious file to the disk does not mean it can do any harm. To activate malware, files should be interpreted. We do not interpret or run them, we only use them as bitstreams, so Metadefender Core should not be compromised.
This article applies to MetaDefender Core v4
This article was last updated on 2019-10-06