Jump to content

Anti-virus Products Miss Malware

Apu Nahasapeemapetilon

Recommended Posts


E o nosso tão amado Kaspersky está no mesmo barco :unsure:

An anonymous researcher has reported through several sources that anti-virus products from six vendors fail to detect malware when it is contained in a corrupted Zip file. 

The modification to the Zip file prevents the anti-virus programs from detecting files in it, but it doesn't prevent users from accessing those files, according to an advisory from Internet security research firm iDefense. The vulnerable products are from McAfee Inc., Computer Associates International Inc., Kaspersky Labs, Sophos plc., Eset Software and RAV, according to the advisory.

The problem has to do with the products' handling of an error condition in Zip files, which store information about compressed files stored within them in two locations. There is a local header preceding each file in the archive and a global header at the end of the archive. When the uncompressed size of the file within both archives is set to zero, the affected programs fail to detect malware in the files.

According to their advisory, iDefense notified the affected vendors of the problem on September 16. Some responded in time for Monday's advisory. McAfee provided a detailed explanation, fixes for their products, and noted that there are no known exploits of this technique. Computer Associates and Eset also responded and provided fixes, according to iDefense. 

Kaspersky indicated that the problem would be fixed in their next release. Neither RAV nor Sophos responded, according to iDefense.

Edited by Apu Nahasapeemapetilon
Link to comment
Share on other sites

Na minha opinião o formato .zip está quase extinto... raramente se vê um file na net em formato ZIP, agr usa-se mais rar... Eu n me lembro de abrir um zip faz mt tempo ;)

Kaspersky rulezzz :clap:

mentira... em qq site que tenha um programa para sacar que não tenha instalçaõ vem em 90% dos casos em zip e não em rar...

o rar ta muito usado na pirataria, isso sim, no resto da internet, nem por isso...

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.