Slashdot Mirror

← Back to Stories (view on slashdot.org)

AntiVirus Products Fail to Find Simple IE Malware

Posted by ScuttleMonkey on from the no-surprise-here dept.

SkiifGeek writes "Didier Stevens recently took a closer look at some Internet Explorer malware that he had uncovered and found that most antivirus products that it was tested against failed to identify the malware through one of the most basic and straight forward obfuscation techniques — the null-byte. With enough null-bytes between each character of code, it is possible to fool all antivirus products (though additional software will trap it), yet Internet Explorer was quite happy to render the code. Whose responsibility is it to fix this behavior? Both the antivirus / anti-malware companies and Microsoft's IE team have something to answer for."

1 of 190 comments (clear)

  1. Re:Wouldn't the anti-virus... by hedwards · · Score: 1, Redundant

    That isn't entirely true, I've installed windows without IE. But it was a huge pain in the ass. I had to create my own installation media which didn't have it, and I had to install updates by hand from the ones that can be downloaded from the support site. There was for a while a 3rd party site that would provide the downloads through Firefox, but it depends on how much you're willing to trust 3rd parties to not Trojan the updates.