New security exploit fools all tested security programs

Computer security researchers at matousec.com have discovered a new method of attacking computers with malware that bypasses the majority of popular virus protection programmes, including McAfee, AVG and BitDefender.


The researchers were quoted as saying "We have run tests with most of today's Windows desktop security products... 100% of the tested products were found vulnerable". They went on to say that the list of 34 security products they tested was only limited by the time the had available for testing. "Otherwise," they said "the list would be endless".

The exploit tricks anti-virus software by allowing it to scan a benign piece of code, and then after the anti-virus has cleared it, switching it out for malware before it executes. Systems running multiple processing cores are said to be particularly vulnerable.

This method of attack apparently has its limitations: it requires a lot of code to be loaded onto the target machine, limiting how quick and sneaky the attack can be, and also requires that the attacker have the ability to run binary on the victim's computer. However, the malware could be hidden inside vulnerable programs installed intentionally by the user without ever raising alarm.



Source - matousec.com