Thursday, December 3, 2009

Common antivirus products disabled within minutes

It was the subject of a contest organized by the French IT (and other disciplines) engineering school ESIEA. Results are available as slideshows at this address.

Summarizing roughly, the most common antivirus products (McAfee, Norton = Symantec, Kaspersky...) can be disabled within minutes by a clever virus maker.
Posted by Christophe Pradier-Pfeiffer at 12/03/2009 11:03:00 PM
Tags: ,

3 comments:

  1. Christophe Pradier-PfeifferDecember 4, 2009 at 1:08 PM

    I just removed a comment by user "johns" which gave a link to rogue antivirus software sites.

    ReplyDelete
  2. Cd-MaNDecember 4, 2009 at 1:09 PM

    One important note: all the described disabling methods need administrator level access. If you have admin access or are in a position to obtain it (for example elevating from a power user), all bets are off.

    ReplyDelete
  3. Christophe Pradier-PfeifferDecember 4, 2009 at 7:50 PM

    Yes. The team from ESIEA said that many of the attacks start by using a vulnerability that gives administrator access, so their tests were like in a real-life situation.

    ReplyDelete

I can read French, English, German and Romanian, please feel free to write in whichever language you prefer.

Subscribe to: Post Comments (Atom)