Business Antivirus Programs Not Detecting Exploits?

Sue Marquette Poremba

Along with firewalls and good passwords, antivirus software is considered to be on the front lines of good computer and network security.


But now we find that we may not be able to trust those antivirus programs. According to an article in Computerworld, NSS Lab tested the software from 10 major security companies to see how the packages detected client-side exploits. The results were not encouraging. The article stated:

A majority of security software suites still fail to detect attacks on PCs even after the style of attack has been known for some time. The attacks are often done by tricking a user into visiting a hostile Web site that delivers an exploit, or a specially crafted code sequence that unlocks a vulnerability in a software application.

However, how reliable is the NSS Labs testing? Brian Krebs investigated the issue a little deeper at his blog, Krebs on Security. He wrote:

NSS doesn't make a lot of information available about its methodology, and this omission has driven much of the criticism of previous NSS Labs reports.

If nothing else, the report shows that no program is perfect, and business users may be safer with having more than one antivirus program, as well as making sure to keep up with the latest patches.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.