Report finds security tools add software vulnerabilities of their own

Sounds like a nonsense to me. Even if you don't install anything you still have vulnerabilities. True, installing other programs might increase your attack surface. But regarding security products, you are covered by the security features of the product itself. There are trade-offs for everything.

 

Thanks, Ron
An eyeopening report. It leaves you wondering which applications that one may be using can be truly trusted to be secure.

Regards,

Bob

 

Duh. Been saying this for ages now. Security software is massive attack surface, it injects itself into tons of programs, and it buries itself into the OS. An attacker who wants into a system running Chrome doesn't need to do any fancy kernel exploitation or sandbox bypass, they can just go straight for the AV, which is stupidly injection some non-ASLR enabled binary that parses unfiltered input and get insta-admin.

 

Never heard of Kaspersky Internet Security being exploited though.

 

Suggest that Hungryman starts a discussion with the developer of Spyshelter

Some background info on how a few KB of non-randomised code may reduce the effectiveness of such exploit prevention mechanisms

https://www.usenix.org/system/files/login/articles/105516-Schwartz.pdf

 

AV for AV
lol

 

EMET 3.5 has 12 mitigations against exploits. Is it better to protect security apps as well?

 

No, I would only mitigate software running scripts/access to internet (browser, mail, media player pdf, office, etc)

 

Thanx. Actually I shoved into EMET all my routine apps except security. Some apprehensions they can malfunction.

 

I would also say that running multiple realtime anti-malware solutions compounds the vulnerability risk perhaps exponentially.

One example is Zemana's Anti-logger injecting .dlls into other anti-malware relatime prtotection to avoid "conflicts." I caught it doing the same to NIS 2013 SONAR protection.

 

Surprise, surprise. What do people expect? Security software is software. Any software will contains bugs. Any of these bugs can have security implications. Or, was anyone under the impression that security software is different from other software? The only difference is the security word in it.

 

Not surprised at all, another reason to stick to a basic 1st party setup. You don't see MSE loading non-ASLR DDLs.

 

Sorry for being OT, but does Process Explorer also show us if a program uses ASLR or not?

 

Yes, as well as the DLLs it has loaded.

 

Thanks for the clarification.

 

See picture