Approximately 800 vulnerabilities discovered in antivirus products

Discussion in 'other security issues & news' started by MrBrian, Jul 8, 2008.

Thread Status:
Not open for further replies.
  1. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  2. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Hmm AVG,BitDefender and F-prot the lowest to vulnerabilties.:eek:
     
  3. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Note: that's not including the newly discovered vulnerabilities mentioned in this story.
     
  4. tlu

    tlu Guest

    ... and now add all the vulnerabilities probably contained in all these HIPS, Personal Firewalls :D

    I once wrote in another thread here: The more security software you use the larger is your attack surface. This report seems to confirm that.
     
  5. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I do wonder at times if adding security sometimes may decrease ones security In the OS itself.Like for Instance the vulnerablilities In the security apps them self opens the door for lets say a bad guy that is not there with out the security product In place.:doubt:PS still prefer to have something in place. though not perfect sometimes still better then nothing I think.
     
  6. i_g

    i_g Registered Member

    Joined:
    Aug 30, 2006
    Posts:
    133
    I would like to know how many of those 800 vulnerabilities are real (=dangerous) vulnerabilities... I've seen some "vulnerabilities" discovered by n.runs - which I certainly wouldn't call "vulnerabilities", maybe not even "issues"... but rather features they don't like.
     
  7. tlu

    tlu Guest

    Why not LUA+SRP?
     
  8. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Well yes LUA Helps of course but I run vista with DEP ALL Programs with UAC ON=protection Mode On, Is that not essentially the same where I have to approve admin elevation.Besides the fact with Kav and Shadow Defender on board. may I add FirstDefense-ISR and a Offline clean Image if anything does escape my defense. I see No reason To run LUA but good suggestion all the same.
     
  9. Dogbiscuit

    Dogbiscuit Guest

    My how approaches have changed here over time...
     
  10. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    I was thinking of posting a reference to this in one of the LUA threads. Since resident anti-virus products often run code in the LocalSystem account, a buffer overflow vulnerability in that part of the anti-virus product code could lead to full system compromise, even with LUA+SRP.
     
  11. kwismer

    kwismer Registered Member

    Joined:
    Jan 4, 2008
    Posts:
    240
    the folks at n.runs are a little - how should i put this - sensationalistic about the scanner vulnerability issue...

    it probably has something to do with the technology they're offering that is supposed to take care of the class of vulnerability they're going on about...

    should i post a url to the blog post i did on them back in november of last year?
     
  12. Dogbiscuit

    Dogbiscuit Guest

    So the inference is that running with LUA+SRP is safer without an AV?
     
  13. tlu

    tlu Guest

    Actually yes. No new malware can be started without your knowledge, and if you want to install an application you can check it with, e.g., Virustotal first.
     
  14. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,055
    Location:
    The Netherlands
    It does sound a bit scary to me, so perhaps it´s time to run scanners inside a sandbox? Another reason why we really need to have Hyper V virtualization inside the OS. And all security tools have bugs, still I think it isn´t really likely that we will get to see firewalls and HIPS being exploited.
     
  15. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    As long as software will exist expolits and bugs will be there also and as long as viruses exists Antiviruses will be necessary. And of course viruses and exploits will always appear first and then the update. That's logical and simple.
    No need to get paranoid for everything discovered. :)
     
  16. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Could not agree more.
     
  17. Dogbiscuit

    Dogbiscuit Guest

    That's the way I've been operating since SRP was made available for XP Home here (thanks). It's also reassuring to see some confirmation of my hunch. Now the biggest problem is forgetting to check a file with VirusTotal first.
     
    Last edited by a moderator: Jul 9, 2008
  18. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    I would say not necessarily. If you have your antivirus set to scan all files, it might detect poisoned files that would result in buffer overflow exploits in other programs. Also, antivirus can scan for malicious scripts. So I would say that antivirus is a dual-edged sword with LUA+SRP.
     
    Last edited: Jul 10, 2008
  19. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    That's a possible solution.
     
    Last edited: Jul 10, 2008
  20. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Can you please? This was the first I had heard of them.
     
  21. Arup

    Arup Guest

    Was Avira tested?
     
  22. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Apparently so.
     
  23. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  24. Arup

    Arup Guest


    Well then it seems that Avira is not on their graph so it appears not to have done shabbily.
     
  25. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    The graphs shown don't include the ~800 vulnerabilities n.runs claims to have found.
     
Loading...
Thread Status:
Not open for further replies.