Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Anti-virus products struggling against latest exploits

As reported earlier this month by Infosecurity, CoreTrace senior vice president Ron Clarkson said that hackers may be winning the 'cat and mouse' game against IT security vendors.

Citing Panda Security's observations in this regard, Clarkson said that malware samples are doubling year-on-year.

Now his observation has been echoed by leading IT security researcher Brian Krebs, whose online security blog is read by a growing number of internet users.

Referencing a report from NSS Labs, he says that most anti-virus products designed for use in businesses do a poor job of detecting the exploits that hacked and malicious websites used to foist malware on users.

The report looked at the performance of 10 commercial anti-virus products to see how well they detected more than 120 client-side exploits, such as web browser attacks and exploits against desktop applications, such as Adobe Flash and Reader.

According to Krebs, amongst all ten products, NSS found that the average detection rate against original exploits was 76%, and that only three out of ten products stopped all of the original exploits.

"The average detection against exploits variants was even lower at 58%," he said, adding that the tests revealed that certain exploits were consistently missed by the anti-virus products, particularly those that attacked the Internet Explorer peers and Microsoft VBscript problems that Microsoft first revealed in March of this year.

Although specific details of the NSS report have not been revealed, the research firm says that organisations should consider developing custom exploit signatures for high-value systems, either at the host or network layer.

The conclusions of the NSS Labs report, says Krebs, are confirmed by a series of reports from another test lab, AV-Test, which said that the industry average in protecting against exploits - both known and unknown - was just 75%.

Or to put it another way, Infosecurity notes, an average of one quarter of known and unknown exploits are getting past typical IT security software.

What’s Hot on Infosecurity Magazine?