Business IT - Technology for your business

No. 1 Story

Telstra adds one million mobile services, but Sensis plummets

Telstra has revealed the addition of almost one million new mobile services in the six months to December 2011, but Sensis revenues plummeted 24 percent in 12 months.

 read more
StumbleUponSubmit to redditShare this on TwitterShare on facebook | Print |PDF 

More From

Every anti-virus scanner on the market compromised by critical vulnerabilities

Davey Winder
Tuesday, 08 July 2008 06:27

Business IT - Security

Page 1 of 2
More than 800 vulnerabilities have been uncovered within anti-virus products, and every virus scanner currently on the market has at least one highly critical vulnerability. That is the controversial claim of one security vendor which concludes that anti-virus software far from protecting the network throw the doors wide open to attackers...

"During the past few months" the press release from German security outfit n.runs AG warns "specialists from n.runs AG, along with other security experts, have discovered approximately 800 vulnerabilities in anti-virus products." Now that is guaranteed to get anyone's attention.

Microsoft Office 365 Get your free Trial
If not for the relevancy of the information, then at least for the sheer chutzpah in distributing a release making such a claim. After all, n.runs AG has its own anti-virus solution to sell. It is not clear if n.runs AG is including their own Application Protection System Anti-Virus (aps-AV) solution in the 'every virus scanner on the market' is vulnerable statement, but you have to assume it is not.

So how do they come up with what would be a hugely damaging statistic to the security industry as a whole, were it proven to be true?

Security consultant and cyber threats analyst Dancho Danchev reveals that the research cited by n.runs AG is based partly upon Secunia Advisory tracking specifically of anti-virus applications. There is also an element of research from the University of Michigan which looked at the severity of vulnerabilities product by product.

Worryingly, the figures look like having some basis in truth. Danchev quotes a research paper by Feng Xue that was presented at the Blackhat Europe forum earlier this year. "According to the U.S national vulnerability database, 165 vulnerabilities within antivirus products have been reported during the last 4 years" Danchev says.

n.runs AG, meanwhile, concludes that "The tests performed by the consulting company and solutions developer n.runs have indicated that every virus scanner currently on the market immediately revealed up to several highly critical vulnerabilities. Contrary to their actual function, the products open the door to attackers, enable them to penetrate company networks and infect them with destructive code. The positioning of anti-virus software in central areas of the company now poses an accordingly high security risk."

What is parsing and why is it at the heart of the anti-virus scanner security debate? Read on to find out...

CONTINUED


Start 1 2 Next 

Sponsored Announcements

Websense #1 in Web Security Fourth Year in a Row

David Bass | For the fourth year in a row, IDC has placed content security provider Websense (NASDAQ: WBSN) at the top of the IDC Worldwide Web Security 2011 –…

You may have missed


Advertisement

- sponsored feature -

The Death of Traditional BI: What’s Next?

How to Make Business Discovery Work for Your Business IP PABX BUYING GUIDE

Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more

Our Services for Technology Professionals

E - mail News SMS Headlines Desktop Alerts News Feeds Job Alerts Technology Events Press-Releases