Crackers Evolve to Dodge Anti-Virus Software in Windows

Dr. Roy Schestowitz

2010-05-08 18:52:33 UTC
Modified: 2010-05-08 18:52:33 UTC

Summary: A fully 'protected' and patched Windows installation cannot be secured due to new tricks and hidden vulnerabilities that Microsoft conceals from the public

A FEW days ago we wrote about Joanna Rutkowska's observations and mentioned her firm's use of GNU/Linux. Yesterday we found this article from The Register, which speaks about anti-virus software being ineffective in the face of a new pattern of attacks.

Researchers say they've devised a way to bypass protections built in to dozens of the most popular desktop anti-virus products, including those offered by McAfee, Trend Micro, AVG, and BitDefender.

Ghabuntu recommends Ubuntu GNU/Linux as a preventive measure and also argues that:

It is a very serious issue which can have a devastating consequence in the lives of a lot of people. However, there is still hope. The research did not make any mention of this anti-virus as being such an easy to evade guard.

Anti-virus software has been useless for quite some time. Authoritative figures spoke about these issues for years and McAfee went as far as doing more harm than good last month.

According to several independent sources, about one in two Windows PCs is a zombie PC and Microsoft carries on lying about the number of vulnerabilities/patches in order to give the illusion that things are improving when it fact they never did. Microsoft is just lying about its patches, as before. Anti-virus software can't do anything about it and here in Techrights we opine that the public has the right to know the truth. ⬆

Comments

Yuhong Bao

2010-05-13 01:50:00

The attack is on SSDT hooking, which MS and others has been warning against for years and even tried to prevent via PatchGuard in x64 versions of Windows. The Nynaeve blog by Ken Johnson, a Windows kernel-mode expert who joined MS after this was written, has an example of a buggy SSDT hook that has security problems: http://www.nynaeve.net/?p=210

Recent Techrights' Posts

Sven Luther, Lucy Wayland & Debian's toxic culture: Reprinted with permission from disguised.work
Chris Rutter, ARM Ltd IPO, Winchester College & Debian: Reprinted with permission from disguised.work
[Video] Microsoft Got Its Systems Cracked (Breached) Again, This Time by Russia, and It Uses Its Moles in the Press and So-called 'Linux' Foundation to Change the Subject: If they control the narrative (or buy the narrative), they can do anything
Links 19/04/2024: Israel Fires Back at Iran and Many Layoffs in the US: Links for the day
Russell Coker & Debian: September 11 Islamist sympathy: Reprinted with permission from disguised.work
Sven Luther, Thomas Bushnell & Debian's September 11 discussion: Reprinted with permission from disguised.work
G.A.I./Hey Hi (AI) Bubble Bursting With More Mass Layoffs: it's happening already
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, April 18, 2024: IRC logs for Thursday, April 18, 2024
Coroner's Report: Lucy Wayland & Debian Abuse Culture: Reprinted with permission from disguised.work
Links 18/04/2024: Misuse of COVID Stimulus Money, Governments Buying Your Data: Links for the day
Gemini Links 18/04/2024: GemText Pain and Web 1.0: Links for the day
Gemini Links 18/04/2024: Google Layoffs Again, ByteDance Scandals Return: Links for the day
Gemini Links 18/04/2024: Trying OpenBSD and War on Links Continues: Links for the day
IRC Proceedings: Wednesday, April 17, 2024: IRC logs for Wednesday, April 17, 2024
Over at Tux Machines...: GNU/Linux news for the past day
North America, Home of Microsoft and of Windows, is Moving to GNU/Linux: Can it top 5% by year's end?
[Meme] The Heart of Staff Rep: Rowan heartily grateful
Management-Friendly Staff Representatives at the EPO Voted Out (or Simply Did Not Run Anymore): The good news is that they're no longer in a position of authority
Microsofters in 'Linux Foundation' Clothing Continue to Shift Security Scrutiny to 'Linux': Pay closer attention to the latest Microsoft breach and security catastrophes
Links 17/04/2024: Free-Market Policies Wane, China Marks Economic Recovery: Links for the day
Gemini Links 17/04/2024: "Failure Is An Option", Profectus Alpha 0.5 From a Microsofter Trying to Dethrone Gemini: Links for the day
How does unpaid Debian work impact our families?: Reprinted with permission from Daniel Pocock
Microsoft's Windows Falls to All-Time Low and Layoffs Reported by Managers in the Windows Division: One manager probably broke an NDA or two when he spoke about it in social control media
When you give money to Debian, where does it go?: Reprinted with permission from Daniel Pocock
How do teams work in Debian?: Reprinted with permission from Daniel Pocock
Joint Authors & Debian Family Legitimate Interests: Reprinted with permission from Daniel Pocock
Bad faith: Debian logo and theme use authorized: Reprinted with permission from Daniel Pocock
Links 17/04/2024: TikTok Killing Youth, More Layoff Rounds: Links for the day
Jack Wallen Has Been Assigned by ZDNet to Write Fake (Sponsored) 'Reviews': Wallen is selling out. Shilling for the corporations, not the community.
Links 17/04/2024: SAP, Kwalee, and Take-Two Layoffs: Links for the day
IRC Proceedings: Tuesday, April 16, 2024: IRC logs for Tuesday, April 16, 2024
Over at Tux Machines...: GNU/Linux news for the past day