Thursday, December 3, 2009

Common antivirus products disabled within minutes

It was the subject of a contest organized by the French IT (and other disciplines) engineering school ESIEA. Results are available as slideshows at this address.

Summarizing roughly, the most common antivirus products (McAfee, Norton = Symantec, Kaspersky...) can be disabled within minutes by a clever virus maker.

3 comments:

  1. I just removed a comment by user "johns" which gave a link to rogue antivirus software sites.

    ReplyDelete
  2. One important note: all the described disabling methods need administrator level access. If you have admin access or are in a position to obtain it (for example elevating from a power user), all bets are off.

    ReplyDelete
  3. Yes. The team from ESIEA said that many of the attacks start by using a vulnerability that gives administrator access, so their tests were like in a real-life situation.

    ReplyDelete

I can read French, English, German and Romanian, please feel free to write in whichever language you prefer.