1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Approximately 800 vulnerabilities discovered in antivirus products

Discussion in 'News' started by wagnerk, Jul 9, 2008.

Click here to banish ads and support Certforums by becoming a Premium Member
  1. wagnerk
    Highly Decorated Member Award

    wagnerk aka kitkatninja Moderator


    Approximately 800 vulnerabilities discovered in antivirus products

    In what appears to be either a common scenario of “when the security solution ends up the security problem itself”, or a product launch basing its strategy on outlining the increasing number of critical vulnerabilities found in competing antivirus products, the IT/Security consulting firm n.runs AG claims to have discovered approximately 800 vulnerabilities within antivirus products based on exploiting a standard malware scanning process known as “parsing” :

    “During the past few months, specialists from the n.runs AG, along with other security experts, have discovered approximately 800 vulnerabilties in anti-virus products. The conclusion: contrary to their actual function, the products open the door to attackers, enable them to penetrate company networks and infect them with destructive code. The positioning of anti-virus software in central areas of the company now poses an accordingly high security risk. The tests performed by the consulting company and solutions developer n.runs have indicated that every virus scanner currently on the market immediately revealed up to several highly critical vulnerabilities. These then pave the way for Denial of Service (DoS) attacks and enable the infiltration of destructive code – past the security solution into the network. With that, anti-virus solutions actually allow the very thing they should instead prevent.”

    To read the whole article, see here.

    Certifications: CITP, PGDip, BSc, HNC, LCGI, PTLLS, MCT, MCITP, MCTS, MCSE, MCSA:M, MCSA, MCDST, MCP, MTA, MCAS, MOS (Master), A+, N+, S+, ACA, VCA, etc... & 2nd Degree Black Belt
    WIP: MSc in Tech Management


    1. Modey
      I wonder which company will be the first to release an anti-anti-virus product then? :)

    Share This Page