Windows Flaw Lets Malware Sneak Past Almost All Security Software
Researchers at Matousec have discovered a new and particularly worrisome flaw in the Windows ecosystem that allows malware to completely bypass security software. Anti-virus software works by standing between applications and the Windows kernel, inspecting code before it has a chance to execute. Matousec's proof of concept passes benign code through a security suite, which clears the way for the program to run, and then swaps it out for malicious code after it has passed inspection but before it actually executes. The flaw affects nearly every piece of security software on the market, including Norton, McAfee, AVG, Kaspersky and F-Secure. (The entire list of vulnerable software can be found at the end of Matousec's report here.) While the researchers only tested the vulnerability against 32-bit versions of Windows XP and Vista, the company says that 64-bit versions of those operating systems, as well as Windows 7, are also at risk.
The only anti-virus tool confirmed to be immune to the attack is the appropriately named Immunet, but that doesn't mean you should immediately jump ship to its product. For the moment, there is no known malware that exploits this security hole. Additionally, it is particularly difficult to exploit on Vista and Windows 7 PCs due to an extra layer of protection called PatchGuard. But perhaps the biggest hurdle to hackers taking advantage of what has been dubbed an "argument-switch attack" is that it can only be executed by malware that has already slipped past a computer's defenses.
The "argument-switch attack" won't give hackers some new way to steal your data, but it does give them a way to open the floodgates once they've already gained access. As always, the best defense is to keep your software up to date and to avoid risky online behavior. Because the flaw is particularly serious for XP users, this is just one more reason to upgrade to Windows 7. [From: Matousec, via: InfoWorld]
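The weakness the article describes is a check-then-use gap: a kernel hook validates a system call's arguments while they still sit in memory the caller controls, and the real service reads them again afterwards. The toy model below is an added illustration (not Matousec's code or any vendor's) that simulates that gap in a single process with a deterministic "race" flag, and contrasts the vulnerable hook with one that captures the argument into its own memory before validating it; the paths, policy and function names are all constructed for the example.

```c
#include <string.h>

/* Toy in-process model of an SSDT-style hook (constructed for illustration).
   "User memory" is a buffer a racing thread could rewrite between the hook's
   check and the kernel's use; the race is simulated by a flag so it is repeatable. */
#define PATH_MAX_TOY 64
#define BENIGN_PATH      "C:\\Users\\me\\notes.txt"
#define PROTECTED_PREFIX "C:\\Windows\\System32\\"
#define PROTECTED_PATH   PROTECTED_PREFIX "drivers\\toy.sys"
enum { DENIED = 0, OPENED_REQUESTED = 1, OPENED_SWITCHED = 2 };

/* Toy policy enforced by the hook: block access under System32. */
static int path_is_allowed(const char *path) {
    return strncmp(path, PROTECTED_PREFIX, sizeof PROTECTED_PREFIX - 1) != 0;
}

/* Simulated argument switch: the racing thread rewrites the argument in place. */
static void switch_argument(char *user_path) { strcpy(user_path, PROTECTED_PATH); }

/* VULNERABLE hook: validates the user buffer, then the original service reads the
   same buffer again (double fetch), so the check and the use can see different data. */
static int vulnerable_hook(char *user_path, int race, char *opened_out) {
    if (!path_is_allowed(user_path)) return -1;   /* time of check */
    if (race) switch_argument(user_path);         /* window between check and use */
    strcpy(opened_out, user_path);                /* time of use: re-reads user memory */
    return 0;
}

/* HARDENED hook: capture the argument into hook-owned memory once, then validate
   and use only the captured copy, so a later rewrite of user memory has no effect. */
static int hardened_hook(char *user_path, int race, char *opened_out) {
    char captured[PATH_MAX_TOY];
    strncpy(captured, user_path, sizeof captured - 1);
    captured[sizeof captured - 1] = '\0';
    if (!path_is_allowed(captured)) return -1;
    if (race) switch_argument(user_path);         /* same window, captured is untouched */
    strcpy(opened_out, captured);
    return 0;
}

/* Runs one scenario and classifies what the service ended up opening. */
static int run_scenario(int hardened, int race, const char *requested) {
    char user_path[PATH_MAX_TOY], opened[PATH_MAX_TOY];
    strncpy(user_path, requested, sizeof user_path - 1);
    user_path[sizeof user_path - 1] = '\0';
    int rc = hardened ? hardened_hook(user_path, race, opened)
                      : vulnerable_hook(user_path, race, opened);
    if (rc != 0) return DENIED;
    return strcmp(opened, requested) == 0 ? OPENED_REQUESTED : OPENED_SWITCHED;
}
```

With the race flag set, the vulnerable hook approves the benign path yet the service opens the protected one, while the hardened hook opens exactly what it approved; the real fix is the same capture-then-validate discipline, or not hooking at a layer where the arguments are still writable by the caller.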
Comments (2)

APV, May 12th 2010 10:37PM
Ha, Microsoft Security Essentials isn't on that list I believe... :P
HawaiiTom, May 13th 2010 12:33AM
"The results can be summarized in one sentence: If a product uses SSDT hooks or other kind of kernel mode hooks on similar level to implement security features it is vulnerable. In other words, 100 % of the tested products were found vulnerable. The only reason there are not more products in the following table is our time limitation. Otherwise, the list would be endless." Maybe MS SE was not tested.