Home > slashdot > Critical Flaw Found In Virtually All AV Software

Critical Flaw Found In Virtually All AV Software

May 9th, 2010 05:20 admin Leave a comment Go to comments

Securityemo writes “The Register is running an article about a new method to bypass antivirus software, discovered by Matousec. By sending benign code to the antivirus driver hooks, and switching it out for malicious code at the last moment, the antivirus can be completely bypassed. This attack is apparently much more reliable on multi-core systems. Here’s the original research paper.”
El Reg notes that “The technique works even when Windows is running under an account with limited privileges,” but “it requires a large amount of code to be loaded onto the targeted machine, making it impractical for shellcode-based attacks or attacks that rely on speed and stealth. It can also be carried out only when an attacker already has the ability to run a binary on the targeted PC.”

Source: Critical Flaw Found In Virtually All AV Software

Related Articles:

  1. Linux Xorg Critical Security Flaw Silently Patched
  2. Drupal Warns Users of Mass, Automated Attacks On Critical Flaw
  3. Drupal Fixes Highly Critical SQL Injection Flaw
  4. Stand-Alone Antivirus Software?
  5. Critical Flaw Found In Backtrack Linux
blog comments powered by Disqus