AntiVirus Products Fail to Find Simple IE Malware

SkiifGeek writes "Didier Stevens recently took a closer look at some Internet Explorer malware that he had uncovered and found that most antivirus products that it was tested against failed to identify the malware through one of the most basic and straight forward obfuscation techniques — the null-byte. With enough null-bytes between each character of code, it is possible to fool all antivirus products (though additional software will trap it), yet Internet Explorer was quite happy to render the code. Whose responsibility is it to fix this behavior? Both the antivirus / anti-malware companies and Microsoft's IE team have something to answer for."

Why use IE?

[Naelok]

AVs or not, I think anyone still using IE deserves malware nowadays. I have a techno-illiterate family that would come to me with 'my computer is borked, help please' every week or so. Invariably, the problem would stem from some bloody IE. After I switched them all to Firefox (with Adblock), that all came to a blissful end. Sticking to IE after all these years is, in my opinion, an unforgivable offence.