• Важно
    Имате проблем со најава или регистрација на it.mk?
    Побарајте го решението на вашиот проблем ТУКА!

Предупредување за антивирусни софтвери

Статус
Затворена за нови мислења.

LiquidWorm

Администратор
26 март 2007
2.674
193
www.zeroscience.mk
Researchers warn of AV software risks

Published: 2007-11-23

The vulnerabilities in antivirus software make the programs as much a threat, as a help, to corporate network security, two German security experts argued in a presentation released last week.

The researchers -- Sergio Alvarez and Thierry Zoller, both of German security firm N.runs -- have taken antivirus companies to task for a large number of vulnerabilities the two discovered in how virus scanners parse potentially malicious files. While antivirus software is a typical piece of companies' defense-in-depth strategy, security holes in the software could allow an attacker to bypass other defenses, the pair argued.

"Current AV DiD (antivirus defense-in-depth) implementations define 'the worst possible way' an antivirus product may fail as 'Fails to detect a threat' or 'Fails to detect a virus,' whereas in reality the worst possible way is a more severe one: Compromise of the underlying OS (operating system) through the antivirus engine," Alvarez and Zoller stated in the presentation posted (PDF) last week, but delivered last month at the Hack.lu conference in Luxembourg.

Over the last two years, security researchers have found a large number of vulnerabilities in antivirus software. In 2004, the Witty worm showed just how devastating such a flaw could be. The worm spread using a flaw in intrusion detection software made by Internet Security Systems, now part of IBM.

Alvarez and Zoller found more than 80 parsing vulnerabilities in various antivirus products. The duo apparently see the software flaws as a market opportunity: N.runs plans to release a product to protect against antivirus parsing vulnerabilities, and the contact information at the end of the presentation includes the e-mail address of the company's director of software sales.

Symantec, the maker of antivirus programs for consumers and companies, is the owner of SecurityFocus.

Извор: http://www.securityfocus.com/brief/632

:rolleyes:
 
Статус
Затворена за нови мислења.

Нови мислења

Последни Теми

Статистика

Теми
43.663
Мислења
889.226
Членови
31.504
Огласи
34
Најнов член
formula-1
На врв Дно