1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Which Antiviruses Protect Themselves Against Attacks

Discussion in 'Security Updates' started by starbuck, Oct 26, 2015.

  1. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Less known to users is the fact that antiviruses (AV), the programs they use to protect their computers, can also be hacked, just like any other piece of software. This is not only a science-fiction theory, but something that attackers are actively searching for, and that security researchers are working to discover and then help AV makers patch.

    A ground-breaking study was carried out in November last year, when AV-TEST, an independent IT-security institute, presented the results of the research into the self-protection measures employed by antiviruses.

    Back in 2014, only one antivirus targeting home consumers (Eset Smart Security 8) and another one targeting business endpoints (Symantec Endpoint Protection) were found to be fully protected against various attacks points.

    AV-TEST has redone this test this year, and antivirus makers that were caught slacking when it came to self-security have learned their lessons and deployed better self-protection measures.

    Antivirus self-protection is achieved by implementing DEP & ASLR in their codebase

    This includes the use of DEP and ASLR, two techniques used by many software products to protect themselves, and more specifically, by the kernel of multiple operating systems, ranging from Android to Linux, and from Mac OS X to Windows.

    ASLR stands for "Address Space Layout Randomization" and is a technique used against buffer overflow attacks by randomizing the position where data is stored in the memory.

    DEP stands for "Data Execution Prevention" and is a hardware-based security system that marks memory data as executable or non-executable. With DEP enabled, only authorized data can be run.

    Antivirus engines have learned their lesson

    In AV-TEST's 2015 results, home consumer antivirus engines that have achieved 100% self-protection results include Avira Antivirus Pro, Bullguard Internet Security, Eset Smart Security, Kapersky Internet Security, McAfee Internet Security, and Symantec Norton Security. The product that has scored the lowest score in this test is K7 Computing Total Security, with only 25.9%.

    a6d2e10dee53773059ff91f969f70d60.jpg

    In the business endpoint protection category, 100% test results have been achieved by three products, namely Kaspersky Lab Endpoint Security 10.2, Kaspersky Lab Small Office Security 4, and Symantec Endpoint Protection 12.1. The lowest score in this category has been for Seqrite Endpoint Security 16.00 with 29.8%.

    9b23fbd0874e0951cda61cb8f891915f.jpg



    Source:
    http://news.softpedia.com/news/which-antiviruses-protect-themselves-against-attacks-495321.shtml
     
    starbuck, Oct 26, 2015
    #1

Share This Page