According to research, organisations must get their anti-virus products tested before deployment, because the technology across the board elevates attack surfaces.
The findings, from the Singapore-based security firm COSEINC suggest that antivirus companies fail by requiring overly extensive privileges, not signing product updates, and delivering them over insecure HTTP, running old code, and not conducting correct resource code reviews.
The companies in the spotlight included Avira, BitDefender, ESET and Panda.
AV engines were often built in C which led to vulnerabilities. The more capable an antivirus engine, the more avenues it presents for malicious attacks to break into the network.
Joxean Koret, researcher at COSEINC said: "If your application runs with the highest privileges, installs kernel drivers, a packet filter and tries to handle anything your computer may do ... your attack surface dramatically increases."
AV engines make your computer more vulnerable with a varying degree of performance penalty which are as vulnerable to zero day attacks as the applications they try to protect from. They can even lower the operating system exploiting mitigations."
Return to internet news headlines
View Internet News Archive