Popular Security Software Demonstrate Dramatic FailuresSecunia, a Danish security analysis company, conducted a series of tests that showed a comprehensive suites of security software from the dominant anti-virus providers failed dramatically in identifying tailor-made malicious programs exploiting the most current software vulnerabilities. The security company is asking to rethink in detail about the way security software is designed, shifting from detection by ineffective signature-based suites to more effective defenses. In the 300 tests that Secunia conducted using over 150 known software vulnerabilities, nearly all the twelve security software suites tested from vendors such as McAfee, Microsoft, TrendMicro and F-Secure detected only 1% to 3% of the experimental attacks. Secunia also stated that its tests highlighted the signature-based security software's shortcomings. Moreover, general identification of exploit codes would prove a more suitable approach because what stimulates vulnerability, as opposed to an attack's payload, remains unchanged, the security agency said. According to Chief Technology Officer at Secunia, Thomas Kristensen, there were problems in detecting 300 exploits because the anti-virus software providers are more inclined to turning signatures towards hacker payloads such as worms, spyware and Trojan horses. These are malwares that are detected, assigned names and then located by adding to the security software a fresh detection "fingerprint", as reported by computerworld on October 13, 2008. However, the security expert stated that despite rapid creation of a payload-based signature, customers continue to be exposed for a long time from the point when the criminals begin allotting their freshly created payload until the malware might be caught. Further, many times the security agencies can complete their malware analysis and develop a signature during the same period when the criminals create an attack code for launching their attacks. Finally, these outcomes clearly indicate that more prominent security vendors tend to overlook security flaws. Instead by using a more conventional approach, they leave customers at risk of new vulnerability-exploiting malwares. While it was not expected that the security vendors would demonstrate such a poor performance, it is surprising how they almost completely ignore the malicious payloads. Related article: Popular Firefox Inching Towards Malware’s Target » SPAMfighter News - 23-10-2008
Share and tell your friends!
| All SPAMfighter products offer a free trial!
SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.
Optimize your Slow PC for better performance. Try FREE scan now
SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.
Remove Spyware with SPYWAREfighter - Free 30 days trial
Antivirus software for your Windows PC - Free 30 days trial | ||||||||||||||||||||||||||||
| <<< | >>> | ||||||||||||||||||||||||||||
SPAMfighter is
