Researchers Unveil Antivirus Bypass

Cyber Threats | News | Kara Reeder, Tuesday, May 11, 2010
anti-virus solutions, Security Vendors, Vulnerabilities and Patches
Researchers at Matousec.com have published an attack tactic that bypasses the security protections of most current antivirus software.

According to Computerworld, Matousec calls the technique an "argument-switch attack." It involves an attacker swapping out benign code for malicious code between the moments when the security software issues a green light and the code actually executes. Matousec says more than 30 antivirus products are vulnerable to the attack, including ones from AVG, McAfee and Norton, eWEEK reports.

Alfred Huger, vice president of engineering at Immunet, is concerned by the attack:

This is definitely very serious. Probably any security product running on Windows XP can be exploited this way.

But McAfee is downplaying the severity:

Based on our initial review of the public documentation, we believe this is a complicated attack with several mitigating factors that make it unlikely to be a viable, real world, widespread attack scenario. The attack would require some level of existing access to the target computer, as the attack described by Matousec does not on its own bypass security software or allow malware to run.

Comments (0) Bookmark and Share

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <b> <i>

More information about formatting options