Slashdot Mirror


AntiVirus Products Fail to Find Simple IE Malware

SkiifGeek writes "Didier Stevens recently took a closer look at some Internet Explorer malware that he had uncovered and found that most antivirus products that it was tested against failed to identify the malware through one of the most basic and straightforward obfuscation techniques — the null-byte. With enough null-bytes between each character of code, it is possible to fool all antivirus products (though additional software will trap it), yet Internet Explorer was quite happy to render the code. Whose responsibility is it to fix this behavior? Both the antivirus / anti-malware companies and Microsoft's IE team have something to answer for."
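
The detection gap described in the summary, from the scanner's side, as an added example (not code from the original post or from Didier Stevens's analysis). It assumes, as the summary states for Internet Explorer, that the renderer ignores NUL bytes; the signature name, its pattern and the sample bytes are constructed for illustration.

```python
import re

# Constructed signature for illustration only; not a real antivirus signature.
SIGNATURES = {
    "constructed-script-marker": re.compile(rb"<script[^>]*>", re.IGNORECASE),
}

# Constructed, benign sample: a tag split by a varying number of NUL bytes.
SAMPLE = b"<\x00s\x00\x00c\x00r\x00i\x00\x00\x00p\x00t\x00>/* constructed, benign */"


def naive_scan(data: bytes) -> list[str]:
    """Match signatures against the raw bytes, with no normalization."""
    return sorted(name for name, rx in SIGNATURES.items() if rx.search(data))


def strip_nuls(data: bytes) -> bytes:
    """Drop every NUL byte so the scanner sees what the renderer would parse."""
    return data.replace(b"\x00", b"")


def scan(data: bytes) -> dict:
    """Scan raw and NUL-stripped views and report any difference between them.

    A signature that matches only after normalization means the NUL bytes
    were what hid it, which is itself worth flagging.
    """
    raw = naive_scan(data)
    normalized = naive_scan(strip_nuls(data))
    return {
        "raw": raw,
        "normalized": normalized,
        "nul_bytes": data.count(b"\x00"),
        "evasion_suspected": bool(set(normalized) - set(raw)),
    }


if __name__ == "__main__":
    print(scan(SAMPLE))
    print(scan(b"<script>/* constructed, benign */"))
```

Stripping NULs also collapses ASCII-range UTF-16 text to plain ASCII, so the normalized view covers that encoding as a side effect.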

1 of 190 comments

  1. Vista is BULLETPROOF! by CEOBallmer · Score: 0, Offtopic

    The Death of 3rd Party Security Vultures and Such! McAfee Inc., Trend Micro Inc., CA Inc. and especially Symantec, ... say goodnight! We are about to announce MS ForeFront 2.0! Let me make it clear that while I have tolerated these "anti-virus" vendors for years, something about their very existence has not set very well with me. I mean, having a bunch of multi-million dollar companies that depend solely on there being bugs, leaks, holes, exploitables, mistakes, oversights and problems in Windows doesn't speak very well of Microsoft. They are like carrion, buzzards, jackals, ... protecting a rotten carcass from other smaller vermin. They always argue, "But, Bu-bu-but you need us!", maybe that was true in the past, but no longer! VISTA IS BULLETPROOF! None of these quacks' bag of tricks are any longer necessary! Between WGA and Forefront the OS and Genuine MS apps are totally impervious to attack! They are so secure that many times even the registered owners have trouble gaining access to the computer! So then how could any hacker? These vultures will kick, choke and whine as the user-base realizes this truth, but I say good riddance, your success reflected badly on us anyway.

    --
    http://fakesteveballmer.blogspot.com