June 27, 2017

Avast Antivirus: Remote Stack Buffer Overflow with Magic Numbers

If I told you I found a remotely triggerable stack-based buffer overflow in a conventional anti-virus product, in what part of the software would you expect it to be? A reasonable guess may be: “Probably in the parsing code of some complicated and likely obsolete file format”. In fact, the most recent anti-virus stack buffer overflows clearly show that the implementation of a parser for complex file formats is extremely challenging. ... Read more

June 22, 2017

Announcing a new blog series on anti-virus software

An the past couple of years, we have seen quite a few critical security issues concerning anti-virus software. A significant number of bugs has been found by Google’s Project Zero, but there is also a lot of effort from other companies as well as from private researchers. Observing those issues, the following question arises naturally: Does anti-virus software decrease the security of our systems? This is a question that has been discussed for many years now, and for many experts the answer seems to be clear. ... Read more

© 2017 | about