msanto
November 1st, 2005, 12:10 PM
Check out the link to the advisory. NOD32 is listed as NOT vulnerable.
Evasion bug bites virus shields
A flaw in several virus scanners could let a malicious file evade detection, a security researcher has warned. But some in the industry dispute that it's a security bug.
By adding some data to a file, an attacker could trick virus scanners into letting a malicious executable file pass through, security researcher Andrey Bayora wrote in an advisory (http://dw.com.com/redir?destUrl=http%3A%2F%2Fwww.securityelf.org%2Fmagicbyteadv.html&siteId=3&oId=2100-1002-5924738&ontId=1009&lop=nl.ex) last week. The problem lies in the scanning engine, which won't detect files that have the extra data. Bayora refers to that extra data as the "Magic Byte."
The problem affects numerous antivirus products, including software from Trend Micro, McAfee, Computer Associates and Kaspersky Lab, said Bayora, who works as a computer security consultant in Israel. His advisory also lists several products that are not affected, including software from Symantec, F-Secure and BitDefender.
__________
Read More / Source: News.com (http://news.com.com/Evasion+bug+bites+virus+shields/2100-1002_3-5924738.html?tag=nefd.top)
Evasion bug bites virus shields
A flaw in several virus scanners could let a malicious file evade detection, a security researcher has warned. But some in the industry dispute that it's a security bug.
By adding some data to a file, an attacker could trick virus scanners into letting a malicious executable file pass through, security researcher Andrey Bayora wrote in an advisory (http://dw.com.com/redir?destUrl=http%3A%2F%2Fwww.securityelf.org%2Fmagicbyteadv.html&siteId=3&oId=2100-1002-5924738&ontId=1009&lop=nl.ex) last week. The problem lies in the scanning engine, which won't detect files that have the extra data. Bayora refers to that extra data as the "Magic Byte."
The problem affects numerous antivirus products, including software from Trend Micro, McAfee, Computer Associates and Kaspersky Lab, said Bayora, who works as a computer security consultant in Israel. His advisory also lists several products that are not affected, including software from Symantec, F-Secure and BitDefender.
__________
Read More / Source: News.com (http://news.com.com/Evasion+bug+bites+virus+shields/2100-1002_3-5924738.html?tag=nefd.top)