Jump to content
Sign in to follow this  
Apu Nahasapeemapetilon

Anti-virus Products Miss Malware

Recommended Posts

http://www.eweek.com/article2/0,1759,1679530,00.asp

E o nosso tão amado Kaspersky está no mesmo barco :unsure:

An anonymous researcher has reported through several sources that anti-virus products from six vendors fail to detect malware when it is contained in a corrupted Zip file. 

The modification to the Zip file prevents the anti-virus programs from detecting files in it, but it doesn't prevent users from accessing those files, according to an advisory from Internet security research firm iDefense. The vulnerable products are from McAfee Inc., Computer Associates International Inc., Kaspersky Labs, Sophos plc., Eset Software and RAV, according to the advisory.

The problem has to do with the products' handling of an error condition in Zip files, which store information about compressed files stored within them in two locations. There is a local header preceding each file in the archive and a global header at the end of the archive. When the uncompressed size of the file within both archives is set to zero, the affected programs fail to detect malware in the files.

According to their advisory, iDefense notified the affected vendors of the problem on September 16. Some responded in time for Monday's advisory. McAfee provided a detailed explanation, fixes for their products, and noted that there are no known exploits of this technique. Computer Associates and Eset also responded and provided fixes, according to iDefense. 

Kaspersky indicated that the problem would be fixed in their next release. Neither RAV nor Sophos responded, according to iDefense.

Edited by Apu Nahasapeemapetilon

Share this post


Link to post
Share on other sites

Na minha opinião o formato .zip está quase extinto... raramente se vê um file na net em formato ZIP, agr usa-se mais rar... Eu n me lembro de abrir um zip faz mt tempo ;)

Kaspersky rulezzz :clap:

Share this post


Link to post
Share on other sites

Na minha opinião o formato .zip está quase extinto... raramente se vê um file na net em formato ZIP, agr usa-se mais rar... Eu n me lembro de abrir um zip faz mt tempo ;)

Kaspersky rulezzz :clap:

mentira... em qq site que tenha um programa para sacar que não tenha instalçaõ vem em 90% dos casos em zip e não em rar...

o rar ta muito usado na pirataria, isso sim, no resto da internet, nem por isso...

Share this post


Link to post
Share on other sites

Nãda é perfeito!

O que iteressa é aceitarem suguestões vindas de fora... admitir que o seu software n é perfeito, como nada o é!

Evoluir/Crescer/Corrigir são as palavras de Ordem

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.