« October 2005 | Main

November 01, 2005

Are virus scanners putting you at risk?

Is it a bug or isn't it?

A flaw in several virus scanners could let a malicious file evade detection, a security researcher has warned. But some in the industry dispute that it's a security bug.

By adding some data to a file, an attacker could trick virus scanners into letting a malicious executable file pass through, security researcher Andrey Bayora wrote in an advisory last week. The problem lies in the scanning engine, which won't detect files that have the extra data. Bayora refers to that extra data as the "Magic Byte."

"This is one of the most significant antivirus vulnerabilities of recent times, as it affects the majority of scanner software," Bayora wrote in an article on his Web site that details the issue.


November 1, 2005 | Permalink | Comments (13) | TrackBack