APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

With security software, the cure can be worse than the disease


© September 2015 Anthony Lawrence

So a recent Google blog post talked about some really bad things they found in Kaspersky Antivirus. Apparently having that software on your machine actually makes you vulnerable to drive-by exploits - that is, your system can be p0wned just by visiting a website or getting an email - and not even reading it!

What's truly amazing about this is that some of the attack vectors are simple buffer overflow attacks. There's nothing new about buffer overflows; they are caused by sloppy code, and the software industry has a long, tragic history of repeating that particular sloppiness again and again. It's beyond astonishing that a respected A/V vendor like Kaspersky would repeat these mistakes in their own code!

Not that other A/V vendors are any better: Google has also found problems with Sophos and ESET.

Ars Technica says that you and I don't need to worry much as this type of exploit is more likely to be launched against a bank or high value company. I'm not sure that makes me any happier.

Kaspersky: Mo Unpackers, Mo Problems.

Buffer Overflow Attacks

Security wares like Kaspersky AV can make you more vulnerable to attacks

Sophail: Applied attacks against Sophos Antivirus

Analysis and Exploitation of an ESET Vulnerability
