Virus scanner pave the way in the network attackers Oberursel, June 24, 2008 800 vulnerabilities tracked down specialist of n.runs AG, as well as other security experts round over the past months in virus protection solutions. The conclusion: Contrary to their actual function, open the products the attackers and enable them to penetrate corporate networks and infect them with malicious code. The placement of anti virus software at central points in the company therefore represents a high security risk. (Similarly see: Carrie Levin chef). N.runs AG reacts to this fact with the specially developed system aps AV a solution that protects the entire E-Mail and anti-virus-infrastructure and prevents all attacks from the outside. That of the consulting companies and solution developers n.runs tests carried out have shown that each virus scanner on the market had several highly critical vulnerabilities. They pave the way for denial of service(DOS)-Attacken and allow to inject pests on the security solution into the network and even Execute malicious code. Thus allow that what they actually protect anti virus solutions.
As one of the main causes for this boomerang effect, n.runs could make up the so-called parsing. The principle works as follows: virus scanner must detect many pests and thus to understand a large number of file formats and process. To interpret the formats, an application must be divided in blocks and structures the corresponding file. This breaking down data into analysable parts is known as parsing. When parsing, constellations, which allow to inject program code and to bring to the execution due to misconceptions. In addition, the fast response time expected by the manufacturers with regard to threats contributes to the deterioration of the quality of the code. In short: More parsing will take place while the higher is the rate of detection and protection against malicious software, the attack surface becomes greater but at the same time, the antivirus solution itself becomes a target.