Many AV Solutions Have Critical Vulnerabilities

Sue Marquette Poremba

Anti-virus software is supposed to be the front line of security defenses, right? But what happens when AV software is found to be vulnerable?

It’s not uncommon. Earlier this year, Sophos and Kaspersky Lab, for example, both had to deal with critical vulnerabilities discovered in or affecting their security packages.

Earlier this week, enSilo announced its discovery of a critical security vulnerability affecting various AV software products. According to a release from Tomer Bitton, co-founder and VP Research, the vulnerability could potentially turn AV software into an “attacker-enabler tool.”

It started with finding a vulnerability in AVG’s software, which led the researchers to want to see whether this was an isolated incident or a real problem in AV. We know the answer to that from the aforementioned examples. (To help you find out if you have a vulnerability problem with your AV, enSilo released a vulnerability checker.) As Bitton wrote in a blog post:

These types of vulnerabilities clearly demonstrate the problems in the security eco-system. On the one hand, Microsoft invests loads of resources in defenses, mitigations and enhancements to strengthen its system against compromise. On the other hand, there’ll always be some oversight in applications. Unfortunately, it’s precisely vulnerable third-party applications that can lead to the compromise of these same defenses.

Does this mean that, like username/password combinations, AV software has peaked as a primary security source? Yes and no. Like passwords, AV software isn’t going anywhere any time soon. It is a mainstay in our security set-up, especially so for those who are focused on protecting individual devices and not entire networks. But I think there is a shift happening, as the protection becomes more concentrated on protecting data. Or, as Kelly Jackson Higgins wrote for Dark Security, endpoint security is the more pragmatic response. She added:

The endpoint remains the most attractive and soft target for cyber criminals and cyber espionage actors to get inside the door of their targets. There's a treasure trove of intelligence about the attack at the endpoint, and EDR tools take advantage of that by gathering and storing that information in response to an attack and as intel to thwart future ones.

This is the time of year when I and others talk about security predictions and trends for the coming year. Could 2016 be the year we start to shift away from traditional protections to new, more effective solutions?

Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba

Dec 20, 2015 12:16 AM Alexis Bush says:
Most antivirus products get infected even though they are security software. This is not useful where security is most important. It is like no use and loss of our important information.
Dec 24, 2015 1:13 AM romanberry says:
Many antivirus are available in the market but they did not provide tech support, so critical vulnerabilities increase.
Jan 25, 2016 3:58 AM kathrynloren says:
McAfee Total Protection antivirus provides all-round protection, blocking all the unwanted threats, malware and viruses which can harm your computer. McAfee MTP retail card, when it gets installed in the computer, can make you free from any kind of problems. To install McAfee is very easy, but if some kind of problem exists it might stop you from creating a McAfee account.
