Slashdot Mirror

← Back to Stories (view on slashdot.org)

Archive Formats Kill Antivirus Products

Posted by kdawson on from the fuzz-in-the-zip dept.

nemiloc sends us to the F-Secure blog for breaking news about widespread vulnerabilities in programs that process archive files: "The Secure Programming Group at Oulu University has created a collection of malformed archive files. These archive files break and crash products from at least 40 vendors — including several antivirus vendors... including us." Here is test material from OUSPG and a joint advisory from Finnish and English security organizations. It isn't news that security products can have have security vulnerabilities. What makes this advisory important is that antivirus software is a perfect target. It is run in critical places with high privileges and auto-updates to keep versions coherent.

6 of 115 comments (clear)

  1. Secure Platform without Anti-virus by SpaceLifeForm · · Score: 4, Insightful

    Is probably more secure.

    I don't need to mention names, you know.

    --
    You are being MICROattacked, from various angles, in a SOFT manner.
    1. Re:Secure Platform without Anti-virus by JeanBaptiste · · Score: 5, Insightful

      Cool. I need to run MS SQL server, it's the only one that my company's workflow software will run on. Also our enterprise app is all written in ASP. We also have lots of Exchange users. It would probably take years and years to convert all these things over to something else, probably with downtime and data loss.

      Your 'solution' may work for some, but probably not for most, and for the rest of us, thats what these articles are posted for!

    2. Re:Secure Platform without Anti-virus by TheRaven64 · · Score: 5, Insightful

      That's okay, the money has already been allocated, because you factored in the cost of migrating away from the platform as part of the TCO. You did include migration costs in your TCO calculations when purchasing the workflow software and Exchange, right?

      --
      I am TheRaven on Soylent News
    3. Re:Secure Platform without Anti-virus by Ed+Avis · · Score: 4, Insightful

      I need to run MS SQL server, it's the only one that my company's workflow software will run on.
      Have you investigated porting to Sybase? It's pretty similar.

      Also our enterprise app is all written in ASP.
      Have you looked at Chili!Soft ASP? Or if you're using ASP.NET, Mono?

      We also have lots of Exchange users.
      Gotta admit, this is harder to migrate from once all your data is locked up in those binary PST files.

      But you have a point that many people, yourself included, are stuck with Windows. It wouldn't be easy to migrate. Much more convenient to buy some crappy virus scanner and keep the plates spinning.
      --
      -- Ed Avis ed@membled.com
    4. Re:Secure Platform without Anti-virus by IllForgetMyNickSoonA · · Score: 4, Insightful

      This is a usual argument, I know. However, each time I read it, I can't help but to ask myself "whose fault is it?" The answer is obvious, isn't it?

      It's unfair to pretend non-MS solutions are somehow expensive because it's so hard to break free from MS once you allowed yourself to get hooked into their proprietary world. You could just as well have developed your enterprise apps in something other than ASP, haven't you?

      OK, I know I'm probably barking up the wrong tree here - probably it's not *your* fault after all. But I guess you know what I'm trying to point out.

  2. Re:Proofread? by gnasher719 · · Score: 4, Insightful

    While two negatives make a positive, two positives do not make a negative. Yeah, right.