• Здраво и добредојдовте на форумот на IT.mk.

    Доколку сеуште не сте дел од најголемата заедница на ИТ професионалци и ентузијасти во Македонија, можете бесплатно да се - процесот нема да ви одземе повеќе од 2-3 минути, а за полесна регистрација овозможивме и регистрирање со Facebook и Steam.

Предупредување за антивирусни софтвери

Статус
Затворена за нови мислења.
  • Ја почнал/а темата
  • #1

LiquidWorm

Администратор
26 март 2007
2,667
183
www.zeroscience.mk
Researchers warn of AV software risks

Published: 2007-11-23

The vulnerabilities in antivirus software make the programs as much a threat, as a help, to corporate network security, two German security experts argued in a presentation released last week.

The researchers -- Sergio Alvarez and Thierry Zoller, both of German security firm N.runs -- have taken antivirus companies to task for a large number of vulnerabilities the two discovered in how virus scanners parse potentially malicious files. While antivirus software is a typical piece of companies' defense-in-depth strategy, security holes in the software could allow an attacker to bypass other defenses, the pair argued.

"Current AV DiD (antivirus defense-in-depth) implementations define 'the worst possible way' an antivirus product may fail as 'Fails to detect a threat' or 'Fails to detect a virus,' whereas in reality the worst possible way is a more severe one: Compromise of the underlying OS (operating system) through the antivirus engine," Alvarez and Zoller stated in the presentation posted (PDF) last week, but delivered last month at the Hack.lu conference in Luxembourg.

Over the last two years, security researchers have found a large number of vulnerabilities in antivirus software. In 2004, the Witty worm showed just how devastating such a flaw could be. The worm spread using a flaw in intrusion detection software made by Internet Security Systems, now part of IBM.

Alvarez and Zoller found more than 80 parsing vulnerabilities in various antivirus products. The duo apparently see the software flaws as a market opportunity: N.runs plans to release a product to protect against antivirus parsing vulnerabilities, and the contact information at the end of the presentation includes the e-mail address of the company's director of software sales.

Symantec, the maker of antivirus programs for consumers and companies, is the owner of SecurityFocus.
Извор: http://www.securityfocus.com/brief/632

:rolleyes:
 
Статус
Затворена за нови мислења.

Нови мислења

Последни Теми

Статистика

Теми
43,572
Мислења
823,658
Членови
28,077
Најнов член
Brlebrle
На врв Дно