Vulnerability Alerts
SANS
 
Microsoft
 
CERT/CC
 
 
Latest Comments
"no comment"
on MySpace superworm creator sentenced to probation, community service
by hijrawinata | Sep 7, 2008 3:18 AM
 
"hi.. i like google chrome. I need to know if in future, google is willing to upgrade google ..."
on Layered security in Google Chrome browser
by george s | Sep 7, 2008 1:52 AM
 
"Smart Antivirus-2009 crack"
on Researchers crack London's Oyster card security
by trancongtruongtruong | Sep 7, 2008 12:38 AM
 
"I urge every business person and IT person, management or staff, to get hold of a copy of "I.T. ..."
on Bank of New York loses 12.5 million customer details
by John Franks | Sep 6, 2008 1:20 AM
 
"iam intrested in porn movies workes in actors from 36/m india pleas help me thanks."
on Popular porn site hacked by prudes
by vinod agarwal | Sep 5, 2008 8:26 PM
Incident Response

Antivirus tools 'pave way' for malware

  • Email a Friend
  • Print Page
Related Articles
By Clement James
Jun 30, 2008 10:42 PM | 1 Comment
Tags: Antivurs | Malware | N.runs | Fails
German IT consultancy N.runs has warned that antivirus products can actually open the door to attackers, enabling them to penetrate company networks and load destructive code..

Security specialists from the company claim to have discovered approximately 800 vulnerabilities in antivirus products during the past few months.

N.runs said that every virus scanner currently on the market has several highly critical flaws which could pave the way for denial-of-service attacks and enable the infiltration of destructive code past the security solution into the network.

The company said that 'parsing' is one of the main causes of this problem. In this case virus scanners must recognise as many malware applications as possible, and so must comprehend and process a large number of file formats.

In order to be able to interpret the formats, an application must partition the corresponding file into blocks and structures.

But N.runs said that mistaken assumptions in the course of programming the parsing code create constellations which enable the infiltration and subsequent running of programme code.

"In short, the more parsing that takes place, the higher the recognition rate and the degree of protection from destructive software, but at the same time the larger the attack surface which makes the antivirus product itself a target," said N.runs.

"Systematic industrial espionage, along with the interruption of all email communication, are two of the possible consequences."

The company has developed its Application Protection System AntiVirus in order to complete companies' IT security infrastructure by using multiple engines to overlap security.

Copyright © 2008 vnunet.com

 
Ads by Google
Thoughts on this article? Add a comment below.
Comments: 1
no comment
SC Magazine - comments icon Posted by JAYESH PATELJul 16, 2008 4:38 AM

Report this comment as offensive >>

Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 
 
Risk Management Whitepapers
Popular Tags
000 12 2008 accused malware mark million olympics phone rockets runs simpson site soars spreading steal trojan virus web writers