Search Box

Monday, September 28, 2015

Anti-Virus Tools Can Make You Vulnerable

Security Wares Like Kaspersky AV Can Make You More Vulnerable to Attacks

Products often open computers to hacks they otherwise wouldn't be vulnerable to.

Dan Goodin | September 23, 2015

Antivirus applications and other security software are supposed to make users more secure, but a growing body of research shows that in some cases, they can open people to hacks they otherwise wouldn't be vulnerable to.

What these tools do is a widespread method. They install a root certificate into the user's browser and then they perform a so-called Man in the Middle attack. They present the user a certificate generated on the fly and manage the connection to HTTPS servers themselves. Superfish and Privdog did this in an obviously wrong way, Superfish by using the same root certificate on all installations and Privdog by just accepting every invalid certificate from web pages. What about other software that also does MitM interception of HTTPS traffic? Source:
The latest example is antivirus and security software from Kaspersky Lab. Tavis Ormandy, a member of Google's Project Zero vulnerability research team, recently analyzed the widely used programs and quickly found a raft of easy-to-exploit bugs that made it possible to remotely execute malicious code on the underlying computers. Kaspersky has already fixed many of the bugs and is in the process of repairing the remaining ones. In a blog post published Tuesday, he said it's likely he's not the only one to know of such game-over vulnerabilities.

<more at; related links: (Kaspersky AV makes you more vulnerable to attacks. September 24, 2015. "Any Antivirus is created to make users more secure, but Kaspersky antivirus is doing the opposite. According to Tavis Ormandy, a member of Google Project Zero team, Kaspersky antivirus makes you more vulnerable to attacks.") and [A Rebuttal:]  (5 Myths of Virtualization Security: You May Be More Vulnerable Than You Think. "Businesses increasingly are relying on virtual machines to handle more critical data and tasks than ever before. The reality is that virtualization is growing as a platform for managing customer data, financial transactions and the applications that businesses use. Simply put, virtualization is a core component of today's mission-critical IT infrastructure. However, while the increased reliance on virtualization is very real, many businesses are misguided about their security needs in this environment. There are several myths that have serious consequences that can impact performance and leave organizations vulnerable to an attack. Understanding these issues can help you make smarter decisions about your business' virtual environment. Read more.">

No comments:

Post a Comment