Antivirus Security: Naked During Updates (paper)

From http://onlinelibrary.wiley.com/doi/10.1002/spe.2197/abstract:

Pdf at hxxp://www.cs.sjsu.edu/faculty/stamp/papers/topics/topic8/spe2197.pdf .

 

No mention of avast! or Comodo. Makes me wonder if these two are affected as well...

 

Tested products:

Avast! Free Antivirus 7
Microsoft Security Essentials 4
ESET Smart Security 5
Symantec Norton Internet Security 2013
AVG AntiVirus Free and Commercial 2012 and 2013
Avira Antivirus Free, Premium and Internet Security 2012 and 2013
Kaspersky Internet Security 2013
McAfee Total Protection 2013
Panda Internet Security 2013
Trend Micro Maximum Security 2013

 

Similar problem...I think
http://threatpost.com/are-automated-update-services-the-next-surveillance-frontier/104558

 

The five tested products above that aren't listed in the abstract are rated as "Seems not vulnerable."

 

avast! Free v7. That's like ancient history now... no one is going to fix a 2 generations old program. That's the whole point of updating AV's, and not just definitions. Hradly relevant imo. And whoever is running outdated version is doing so on their own risk. Same applies to most other vendors as well.

 

Post #1: changed paper link.

 

Very interesting. Thanks for posting it.

 

Mhm.....ESET V5 is not new either.

 

No, but since it does not seem to be affected I feel that much better about v7.

 

Heh is that so, well I haven't read it yet. But that's good to know

edit: now I have read it

 

No no no RejZoR, I think you misunderstood: if you open the PDF, you will see that avast WAS tested (indeed v7, but I don't think that it changes anything) and that it was not found vulnerable to the attack. That's why it's not mentioned in that paragraph that the original poster quoted.

That is, the research does mention it, but it says that the vulnerability doesn't apply to it (together with Eset, Kaspersky, Panda and Trend).

Cheers
Vlk