Anti-Malware Applications Aren’t Preventing Several Malware Attacks
According to NSS Labs, malicious software that is blocked at one entry point often goes undetected by endpoint protection products (EPPs) when it arrives through another, such as a network file server or a USB drive.
NSS Labs Chief Executive Officer Rick Moy said his organization's researchers found that the same malicious program was not necessarily caught when it was introduced to the system through different entry points. He explained that malware detected during Web surfing could pass undetected by the same anti-malware software if it resided on a file share or a USB drive, or was e-mailed. Infosecurity.com published this on March 11, 2011.
Reportedly, during the experiments at NSS, hardly any security application scanned for or removed worms within e-mails before the messages were downloaded; however, the applications did scan the messages once they landed on the computer.
Moreover, when NSS tested ten anti-malware applications in all, the researchers found that the applications missed 10%-60% of the different entry channels that malware authors commonly used. The majority of the applications, however, performed better at quarantining the malicious software once it was loaded onto the affected computer, although the researchers found this technique riskier than removing the potential infiltrator before it arrived at the entry point.
Furthermore, the company discovered that 33% or fewer of the anti-malware applications provided defense against memory-only malware. NSS stated that this malware was inserted into memory directly during Web surfing rather than being downloaded, so detecting it was harder for the security applications.
NSS Labs CTO Vik Phatak said IT companies globally thought they were secure partly because of tests that were not difficult to conduct, but in fact they were not wholly secure. Meanwhile, the tests at NSS suggested there was a need for more down-to-earth testing based on what online crooks were actually doing to breach company defenses, he added. PCWorld published this on March 12, 2011.
Nevertheless, according to the researchers, security companies characteristically provide a patch that merely detects a virus in the first instance without really monitoring the subsequent virus signatures.
» SPAMfighter News - 22-03-2011