Share

Related Links

  • NSS Labs
  • Reed Exhibitions Ltd is not responsible for the content of external websites.

Related Stories

Top 5 Stories

News

Anti-virus products struggling against latest exploits

24 August 2010

It seems that industry experts are starting to agree that the IT security industry is struggling to tackle the rising tide of malware and hacker exploits.

As reported earlier this month by Infosecurity, CoreTrace senior vice president Ron Clarkson said that hackers may be winning the 'cat and mouse' game against IT security vendors.

Citing Panda Security's observations in this regard, Clarkson said that malware samples are doubling year-on-year.

Now his observation has been echoed by leading IT security researcher Brian Krebs, whose online security blog is read by a growing number of internet users.

Referencing a report from NSS Labs, he says that most anti-virus products designed for use in businesses do a poor job of detecting the exploits that hacked and malicious websites used to foist malware on users.

The report looked at the performance of 10 commercial anti-virus products to see how well they detected more than 120 client-side exploits, such as web browser attacks and exploits against desktop applications, such as Adobe Flash and Reader.

According to Krebs, amongst all ten products, NSS found that the average detection rate against original exploits was 76%, and that only three out of ten products stopped all of the original exploits.

"The average detection against exploits variants was even lower at 58%," he said, adding that the tests revealed that certain exploits were consistently missed by the anti-virus products, particularly those that attacked the Internet Explorer peers and Microsoft VBscript problems that Microsoft first revealed in March of this year.

Although specific details of the NSS report have not been revealed, the research firm says that organisations should consider developing custom exploit signatures for high-value systems, either at the host or network layer.

The conclusions of the NSS Labs report, says Krebs, are confirmed by a series of reports from another test lab, AV-Test, which said that the industry average in protecting against exploits - both known and unknown - was just 75%.

Or to put it another way, Infosecurity notes, an average of one quarter of known and unknown exploits are getting past typical IT security software.

This article is featured in:
Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×