Get Started for FREE
Sign up with Facebook Sign up with X
I don't have a Facebook or a X account
 Your new post is loading...
Your new post is loading...
Scoop.it!
A security researcher has found a great number of exploitable vulnerabilities in popular security solutions and the AV engines they use, pro... Most (if not all...) antivirus engines run with the highest privileges: root or local system," he noted. "If one can find a bug and write an exploit for the AV engine, (s)he just won root or system privileges." 
No comment yet.
Sign up to comment
|
Scoop.it!
In der Security-Branche ungewöhnlich, bei anderen Produkten längst Usus: Avast führt eine Belohnung für das Melden von Sicherheitslücken in der eigenen Antivirensoftware ein.
Gust MEES's insight:
Ein MUST!
|
Most (if not all...) antivirus engines run with the highest privileges: root or local system," he noted. "If one can find a bug and write an exploit for the AV engine, (s)he just won root or system privileges."
Finally, most AVs get updates via HTTP only protocols, which could lead to man-in-the-middle attacks that deliver malware instead of updates.