Hackers create software to dribble antivirus in attacks to browsers (check this)

It is HERE (translated)

Bad news for AVs

 

Don't exactly understand what it is due to machine translation, but doesn't it depend on the browser having unpatched vulnerabilities?

 

English version:

http://www.pcworld.com/article/id,127542-c,hackers/article.html

 

Thanks for that link

 

This should be interesting. A good heuristics engine should be able to catch it well enough, and those without good heuristics will need to create strong generic signatures...

 

has kaspersky and f-secure got good enough heristics to catch it?
or will there HIPS stop it?

 

Greenborder Pro would stop it.

 

Kaspersky 6.0 with Proactive Defense Module enabled should be able to stop it.

Not sure about F-Secure, though. Mostly F-Secure 2007 should be able to protect too. Most other KAV clones may not offer good enough protection against this kind of threat at the current time. However, if Kaspersky does release its new heuristic engine soon, all products using KAV engine should be able to provide some degree of protection against this kind of threat.

 

thanks and f-secures "deepfreeze" should protect me.


lodore

 

I looked at the deepfreeze product a few years back but never got the chance to actually try it myself. Do you recommend this product? I personally think the concept will eventually be the only method to protect Internet connected computers in the future as exploits become more and more complex in the evading abilities as well as if MS locks their kernel and not really effective AVs can be developed. If you could give me your thoughts on using deepfreeze I would appreciate hearing them.

 

woops sorry you got what i said wrong im talking about f-secures HIPS called deep freeze. im not talking about deepfreeze as in frozen snapshot. sorry for the misunderstanding.

i dont know why f-secure called its HIPS deep freeze thou.

 

Ok, no problem. I hate that when companies name different product the same the thing.

 

I did just watch a video of deep freeze frozen snap shot program and it does seem good. it could be useful for internet cafe's so it doesn't matter what those idiots there do lol.

 

F-Secure's improved proactive protection technology is called DeepGuard, not Deepfreeze.

 

woops sorry I got it wrong IMO