To Customer Support To Customer Support

14 antivirus apps found to have security problems

Jasper_The_Rasper
Rank
Userlevel 7
Badge +54

Vendors just don't care, says researcher, after finding basic boo-boos in security software

By Darren Pauli, 29 Jul 2014
 
Organisations should get their antivirus products security tested before deployment because the technology across the board dangerously elevates attack surfaces, COSEINC researcher Joxean Koret says.
COSEINC is a Singapore security outfit that has run a critical eye about 17 major antivirus engines and products and found dangerous local and remotely-exploitable vulnerabilities in 14.
 Koret's analysis also suggests that antivirus companies fail by requiring overly extensive privileges, not signing product updates and delivering those over insecure HTTP, running excessive old code and not conducting proper source code reviews and fuzzing.
 
Full Article

11 replies

R
Rank
Userlevel 7
Author/ Zeljkka Zorz HNS Managing Editor/ Posted on 29.07.2014
 
A security researcher has found a great number of exploitable vulnerabilities in popular security solutions and the AV engines they use, proving not only that AV engines are as vulnerable to zero day attacks as the applications they try to protect, but can also lower the operating system's exploit mitigations.

http://www.net-security.org/images/articles/broken2.jpg
"Installing an application in your computer makes you a bit more vulnerable," says Joxean Koret, a researcher with Singapore-based Coseinc, and that is equally true for AV solutions.
 
Help Net Security/ Full Read Here/ http://www.net-security.org/malware_news.php?id=2823
nic
Userlevel 7
Badge +56

Rakanisheu Retired
Userlevel 7
A number of the issues that were brought up were not applicable to WSA.
RetiredTripleHelix
Rank
Userlevel 7
Badge +56
WSA is a lean mean green fighting machine! LOL
 
Daniel 😃
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54
@ wrote:
WSA is a lean mean green fighting machine! LOL
 
Daniel :D
Well you cannot get leaner and meaner these days and don't forget trustworthiness as well.
RetiredTripleHelix
Rank
Userlevel 7
Badge +56
@ wrote:
@ wrote:
WSA is a lean mean green fighting machine! LOL
 
Daniel :D
Well you cannot get leaner and meaner these days and don't forget trustworthiness as well.
Absolutely! 😉
nic
Userlevel 7
Badge +56
It looks from his site here:
http://joxeankoret.com/index.html
 
That the 14 AV's test were:
  • ClamAV
  • F-Prot
  • Comodo
  • BitDefender
  • ESET
  • Avira
  • Sophos
  • Avast
  • AVG
  • DrWeb
  • McAfee
  • Ikarus
  • F-Secure
  • Kaspersky
 
 
R
Rank
Userlevel 7
@ wrote:
It looks from his site here:
http://joxeankoret.com/index.html
 
That the 14 AV's test were:
  • ClamAV
  • F-Prot
  • Comodo
  • BitDefender
  • ESET
  • Avira
  • Sophos
  • Avast
  • AVG
  • DrWeb
  • McAfee
  • Ikarus
  • F-Secure
  • Kaspersky
 
 
All 14 of those AV are in the DUST behind Webroot.......they can't match the technology of Webroot nor do they have a stellar staff like Webroot.................in fact none of them has a forum as good as Webroot they should be so lucky.
http://www.4smileys.com/smileys/dance-smileys/dance-smiley04.gif
R
Rank
Userlevel 7
@ wrote:
@ wrote:
WSA is a lean mean green fighting machine! LOL
 
Daniel :D
Well you cannot get leaner and meaner these days and don't forget trustworthiness as well.
Trusworthiness AND proven performance! WSA is the only AV that has that.
RompinRaider
Rank
Userlevel 6
They don't even have a "single helix" and we have the Triple! :D
Rompin Raider WSA Complete Windows10 MacOS Sierra
RetiredTripleHelix
Rank
Userlevel 7
Badge +56
@ wrote:
They don't even have a "single helix" and we have the Triple! :D
For the first time I will have to agree with you RR. Lets not let that happen again OK? :D
 
TH

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.