Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: WhiteZero on May 09, 2010, 04:42:17 PM
-
http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/
http://www.matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php
Heads up, Avast devs.
-
It's not new, and definitely not found by David Matousec :
http://www.wilderssecurity.com/showpost.php?s=2421b4af54971efadce10823563dece4&p=1673813&postcount=75
Greetz, Red.
-
Thats cool, but it is any less of a concern?
-
Not really. Unless the malware is already loaded, none of this is really an issue...
-
GData SecurityBlog: KHOBE - no problem (http://blog.gdatasoftware.com/overview/article/1654-khobe-no-problem.html) :P
-
Not really. Unless the malware is already loaded, none of this is really an issue...
I would confirm that from my experience - the latest TDSS variant falls under this heading
-
Khobe-Wan: These Aren’t the Droids You’re Looking for (http://www.eset.com/blog/2010/05/11/khobe-wan-these-arent-the-droids-youre-looking-for) - another one (ESET Threat Blog).
This method has not been seen in the wild until today. As we can see, a similar (or pretty much the same) PoC was published almost over 6 years ago. Over the time, no malware misused this.
As already mentioned, the vulnerability is there, but its magnitude is more of a pin dropping on the floor than an 8.0 earthquake, when it comes to its impact on the overall security of our customers’ PCs. However, we are looking into this to see how we can prevent these attacks in case we start to see them being misused.
-
Not really. Unless the malware is already loaded, none of this is really an issue...
I would confirm that from my experience - the latest TDSS variant falls under this heading
Thanks a lot for confirming this, essexboy..!! :)
asyn