Crackers Evolve to Dodge Anti-Virus Software in Windows

Dr. Roy Schestowitz

2010-05-08 18:52:33 UTC
Modified: 2010-05-08 18:52:33 UTC

Summary: A fully 'protected' and patched Windows installation cannot be secured due to new tricks and hidden vulnerabilities that Microsoft conceals from the public

A FEW days ago we wrote about Joanna Rutkowska's observations and mentioned her firm's use of GNU/Linux. Yesterday we found this article from The Register, which speaks about anti-virus software being ineffective in the face of a new pattern of attacks.

Researchers say they've devised a way to bypass protections built in to dozens of the most popular desktop anti-virus products, including those offered by McAfee, Trend Micro, AVG, and BitDefender.

Ghabuntu recommends Ubuntu GNU/Linux as a preventive measure and also argues that:

It is a very serious issue which can have a devastating consequence in the lives of a lot of people. However, there is still hope. The research did not make any mention of this anti-virus as being such an easy to evade guard.

Anti-virus software has been useless for quite some time. Authoritative figures spoke about these issues for years and McAfee went as far as doing more harm than good last month.

According to several independent sources, about one in two Windows PCs is a zombie PC and Microsoft carries on lying about the number of vulnerabilities/patches in order to give the illusion that things are improving when it fact they never did. Microsoft is just lying about its patches, as before. Anti-virus software can't do anything about it and here in Techrights we opine that the public has the right to know the truth. ⬆

Comments

Yuhong Bao

2010-05-13 01:50:00

The attack is on SSDT hooking, which MS and others has been warning against for years and even tried to prevent via PatchGuard in x64 versions of Windows. The Nynaeve blog by Ken Johnson, a Windows kernel-mode expert who joined MS after this was written, has an example of a buggy SSDT hook that has security problems: http://www.nynaeve.net/?p=210

Recent Techrights' Posts

Representing and Speaking for Animals: If I ever choose to take this matter to tribunal with animals-centric NGOs on my side, it'll get some press coverage for sure
Slopwatch: Fake Articles About "Linux", Slop Images in VentureBeat, Linux Foundation Spam Made With LLM Slop and Slop Images: The only relief or upside - if any exists - is that the pace of slop was down a bit this week
Richard Stallman (RMS) Talk in Ethereum Cypherpunk Congress Will be Remote: This past week RMS received lots of accolades online
Links 29/08/2025: Lisa Cook Sues Convicted Felon and Backdoor Mandate in UK Resisted: Links for the day
Links 29/08/2025: Arti 1.5.0, War on Public Health (CDC), and Slop 'Bros' Made to Pay for Their Mass Plagiarism: Links for the day
No, 4Chan is Not Fighting for You by Lawyering Up Against Ofcom (UK): Don't mistake proto-fascists for people who "fight for you". They don't.
Downlplaying the Impact of "UEFI 9/11" is a Losing Strategy: we won't publish much whilst on holiday
In Many Places in the World Vista 11 "Market Share" is Going Down, Not Up: In some countries Windows is already down to third place or lower
More Microsoft-Connected Layoffs, at Least Third Time This Month! (Also Another Death on Campus): Microsoft as a "gaming" company is where studios, projects, games, and even developers come to die
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, August 28, 2025: IRC logs for Thursday, August 28, 2025
Gemini Links 29/08/2025: Poems, Games, and Java 25 Performance: Links for the day
Links 28/08/2025: Greenland 'Interferences' by US and Skinnerboxes to Get Banned in Korean Schools: Links for the day
The Register MS (Run by Microsoft Operatives): Free Software is Putin, Hence Evil and Dangerous: The current editor in chief is an American Microsofter, the previous one went to work for Google (US)
Links 28/08/2025: Chatbots Distorting/Fabricating History and Also Driving Suicide: Links for the day
Gemini Links 28/08/2025: Back in Japan and Why "Hacker News" Sucks: Links for the day
A Much-Needed Wake-up Call to Users of Wordpress.com, Blogspot, Substack and All Those Other Outsourced (and Centralised) Platforms: There are several lessons in there
The UEFI 9/11 - Part II - Campaign of Censorship and Defamation Against Critics: In dictatorships, humour serves an important role. It's tragic.
Open Source Initiative (OSI) Resists Software Freedom, Even by Attacking Its Own: The OSI is compromised
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, August 27, 2025: IRC logs for Wednesday, August 27, 2025
Slopwatch: linuxsecurity.com, Slopfarms in Google News, and More: Some readers of ours end up sending us links that are from slopfarms, not realising those are slopfarms
Gemini Links 27/08/2025: Katrina Memories and Google Versus Software Freedom: Links for the day
Links 27/08/2025: Police Against Media Freedom in the UK, Energy-Hungry Countries Targeted by China: Links for the day
Microsoft Windows Fell to All-Time Lows in Egypt This Summer, Vista 11 Adoption Decreases While GNU/Linux Increases: Vista 11 is going down rather than up
Links 27/08/2025: Microsoft Demoralises Staff With Slop Demands, Leaving Mastodon Explained: Links for the day
12 Hours Ago The Register MS Published a Fake (Paid-for) Article, But This One for a Change Did Not Promote a Ponzi Scheme: There are also Free software alternatives, but they don't pay The Register MS for "synthetic" so-called 'journalism'
More People Need to Call Out and Put a Stop to Serial Sloppers: Unless slopfarms are stopped, people will read and share Microsoft propaganda made by chatbots
Gemini Links 27/08/2025: Headphones and Tartarus: Links for the day
Morale at Microsoft is Terrible (Proprietary Plagiarism Machines Have No Future, LLM Slop is a Bubble): The slop sceptics/critics are going to have lots of "told you so" moments
GNOME "governance issues, staff reduction, etc." amidst Albanian whistleblowing and women trafficking: Notice the connection to Software Freedom Conservancy (SFC) and GNOME
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, August 26, 2025: IRC logs for Tuesday, August 26, 2025