« New worms could be born from Samy. | Main

November 01, 2005

Are virus scanners putting you at risk?

Is it a bug or isn't it?

A flaw in several virus scanners could let a malicious file evade detection, a security researcher has warned. But some in the industry dispute that it's a security bug.

By adding some data to a file, an attacker could trick virus scanners into letting a malicious executable file pass through, security researcher Andrey Bayora wrote in an advisory last week. The problem lies in the scanning engine, which won't detect files that have the extra data. Bayora refers to that extra data as the "Magic Byte."

"This is one of the most significant antivirus vulnerabilities of recent times, as it affects the majority of scanner software," Bayora wrote in an article on his Web site that details the issue.

Via CNET

November 1, 2005 | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d83422c12153ef00d83463d3d869e2

Listed below are links to weblogs that reference Are virus scanners putting you at risk?:

Comments

i just have read Bayora's article, great!

but i believe that the antivirus software at

http://www.shareware123.com/utility/antivirus/index_2.htm can be not effect by the antivirus vulnerabilities.

Posted by: mary | Aug 30, 2006 2:15:01 AM

While it isn't possible to filter out all the spam email because of evolving spam techniques, there's a way to get a little profit from spam: you take the subjects from the spam emails and use them as ideas for creating relevant content sites :)

Posted by: Antispambusiness | Jan 10, 2007 8:14:38 AM

In business I make it a priority to ensure that my data files are secure and that my network is free from things like spyware and malware. Viruses are a big concern too and I’m wondering what programs you all use to keep things clean. I’ve tried several different applications none of which really did the trick for me. I was told to download some a free Antivirus Software, http://www.free-antivirus.eeye.com which I eventually did.

Some of these programs were very disappointing but there were a few that had what I was looking for. I’ve narrowed my choice down to two thus far and hopefully the guys in IT will help me make a sound decision on which one to use on a permanent basis. If all goes well I’ll have to spend less man hours combating viruses and malware.

Posted by: Jayson | Sep 27, 2007 4:36:22 PM

HEY BITCHES. MY SPAM FILTER IS THE BEST. TRY TO FUCKING CLOG MY EMAIL WITH YOUR GAY SCAMS, VIAGRA ADS AND MALWARE SITES. IT WILL FILTER ALL THAT BULL SHIT.

the_exile@mail.ru

zalina@exile.ru

Posted by: FUCK YOU | May 31, 2008 4:14:04 PM

Of course they put you at risk. Funny reading this i didn't realize how old it was. This site is getting spammed bad. Too bad you have not updated in a few years LOL!

Posted by: Peter Parker | Feb 17, 2010 3:46:53 PM

Viruses are always a pain to deal with. I always hand type the urls of the websites I want to visit.

Posted by: Rick@Service Management Software | Mar 5, 2010 3:02:47 PM

Luckily, anti-virus software has gotten better from when this article was written.

Posted by: Tim | Mar 11, 2010 11:21:56 AM

I have enjoyed by your post.Virus Scanners introduced readers to two services that allow virus writers to upload their creations to see how they are detected by many anti-virus scanners.I think this is an awesome story would love to find out how they got the heads up to do the story in the first place.

Posted by: hosting mapserver | Oct 12, 2010 5:19:24 AM

Yes, There are many websites that has a virus problem. While logging in the website this is indication showing that malicious problem. But i have installed antivirus software. Now its better, But i want a better antivirus software. Please tell me the details that which is the best antivirus software.
_________________
Paul

Posted by: Security Tool | Mar 4, 2011 10:17:19 PM

This is something that we should take note of.

Registry Resource

Posted by: kaycee | May 18, 2011 7:59:46 PM

please install antivirus plugin to your browser to prevent from any malware..

Posted by: ricky | Nov 17, 2011 2:04:44 AM

I've been using Microsoft's free anti virus and been happy so far. As a matter of fact I run this website - www.leakdetectiononline.com from my home office and the server has anti-virus program. No problems so far ... I recommend it.

Posted by: Alex | Dec 15, 2011 1:45:54 PM

I did not know that this could happen. It makes me not want to use theses virus scanning programs. Thanks for the info.

Posted by: Jack Johnson | Jan 24, 2012 6:41:38 PM

The comments to this entry are closed.