APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

With security software, the cure can be worse than the disease

So a recent Google blog post talked about some really bad things they found in Kaspersky Antivirus. Apparently having that software on your machine actually makes you vulnerable to drive-by exploits - that is, your system can be p0wned just by visiting a website or getting an email - and not even reading it!

What's truly amazing about this is that some of the attack vectors are simple buffer overflow attacks. There's nothing new about buffer overflows; they are caused by sloppy code, and the software industry has a long, tragic history of repeating that particular sloppiness again and again. It's beyond astonishing that a respected A/V vendor like Kaspersky would repeat these mistakes in their own code!

Not that other A/V vendors are any better: Google has also found problems with Sophos and ESET.

Ars Technica says that you and I don't need to worry much, as this type of exploit is more likely to be launched against a bank or high-value company. I'm not sure that makes me any happier.

Kaspersky: Mo Unpackers, Mo Problems.

Buffer Overflow Attacks

Security wares like Kaspersky AV can make you more vulnerable to attacks

Sophail: Applied attacks against Sophos Antivirus

Analysis and Exploitation of an ESET Vulnerability


© Anthony Lawrence
