Jump to content

Recommended Posts

  • ExTS Admin
Posted

Less known to users is the fact that antiviruses (AV), the programs they use to protect their computers, can also be hacked, just like any other piece of software. This is not only a science-fiction theory, but something that attackers are actively searching for, and that security researchers are working to discover and then help AV makers patch.

 

A ground-breaking study was carried out in November last year, when AV-TEST, an independent IT-security institute, presented the results of the research into the self-protection measures employed by antiviruses.

 

Back in 2014, only one antivirus targeting home consumers (Eset Smart Security 8) and another one targeting business endpoints (Symantec Endpoint Protection) were found to be fully protected against various attacks points.

 

AV-TEST has redone this test this year, and antivirus makers that were caught slacking when it came to self-security have learned their lessons and deployed better self-protection measures.

 

Antivirus self-protection is achieved by implementing DEP & ASLR in their codebase

 

This includes the use of DEP and ASLR, two techniques used by many software products to protect themselves, and more specifically, by the kernel of multiple operating systems, ranging from Android to Linux, and from Mac OS X to Windows.

 

ASLR stands for "Address Space Layout Randomization" and is a technique used against buffer overflow attacks by randomizing the position where data is stored in the memory.

 

DEP stands for "Data Execution Prevention" and is a hardware-based security system that marks memory data as executable or non-executable. With DEP enabled, only authorized data can be run.

 

Antivirus engines have learned their lesson

 

In AV-TEST's 2015 results, home consumer antivirus engines that have achieved 100% self-protection results include Avira Antivirus Pro, Bullguard Internet Security, Eset Smart Security, Kapersky Internet Security, McAfee Internet Security, and Symantec Norton Security. The product that has scored the lowest score in this test is K7 Computing Total Security, with only 25.9%.

 

http://img.photobucket.com/albums/v708/starbuck50/which-antiviruses-protect-themselves-against-attacks-495321-2_zpso7socswk.jpg

 

In the business endpoint protection category, 100% test results have been achieved by three products, namely Kaspersky Lab Endpoint Security 10.2, Kaspersky Lab Small Office Security 4, and Symantec Endpoint Protection 12.1. The lowest score in this category has been for Seqrite Endpoint Security 16.00 with 29.8%.

 

http://img.photobucket.com/albums/v708/starbuck50/which-antiviruses-protect-themselves-against-attacks-495321-3_zpsxztskn91.jpg

 

 

 

Source:

http://news.softpedia.com/news/which-antiviruses-protect-themselves-against-attacks-495321.shtml

Member of:

UNITE

  • Replies 0
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...