APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

With security software, the cure can be worse than the disease

© September 2015 Anthony Lawrence

So a recent Google blog post talked about some really bad things they found in Kaspersky Antivirus. Apparently having that software on your machine actually makes you vulnerable to drive-by exploits - that is, your system can be p0wned just by visiting a website or getting an email - and not even reading it!

What's truly amazing about this is that some of the attack vectors are simple buffer overflow attacks. There's nothing new about buffer overflows; they are caused by sloppy code and the software industry has a long, tragic history of repeating that particular sloppiness again and again. It's beyond astonishing that a respected A/V vendor like Kaspersky would repeat these mistakes in their own code!

Not that other A/V vendors are any better: Google has also found problems with Sophos and ESET.

Ars Technica says that you and I don't need to worry much, as this type of exploit is more likely to be launched against a bank or high-value company. I'm not sure that makes me any happier.

Kaspersky: Mo Unpackers, Mo Problems.

Buffer Overflow Attacks

Security wares like Kaspersky AV can make you more vulnerable to attacks

Sophail: Applied attacks against Sophos Antivirus

Analysis and Exploitation of an ESET Vulnerability
