Insecurity in security software

Andreas Marx
Maik Morgenstern
Mary Landesman

  download slides (PDF)

Data security software and, in particular, AV programs are widely deployed throughout companies, organizations, and private homes. Without this protection, users are at high risk of malware infection. But what happens when the protective software becomes the vector for compromise? In the first part of 2005, several security vulnerabilities - especially buffer overflows - were discovered in a wide range of security products. Both open source software such as ClamAV and commercial tools from Symantec, F-Secure, Trend Micro, and Computer Associates have been affected. In this paper, we discuss the additional risk of infection caused by these vulnerabilities in AV and other security software, including how this risk can be reduced by the developers and by the users of the products.


We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.