Over the last few weeks I personally got five 0-day attacks as links that passed right through VIPRE exchange security antispam (email was a link to download a zip file with an exe inside). Knowing better than to opening them, I downloaded the exe file carefully and sent it online for analysis. on all times the malware was so fresh it was detected by at most 1 AV engine. of course a few hours later the same exe was detected by all engines.
So I thought "What would happen if a less qualified person here would have downloaded and actually executed such an exe like the original email suggested"?. My idea was to whitelist all applications within our network and so even if something did pass VIPRE it would still not execute. So I started looking for application whitelisting (a.k.a. application startup control). I checked Kaspersky but found...