Security Software From AVG, Symantec and McAfee Open To Hackers

Discussion in 'HardForum Tech News' started by HardOCP News, Jul 20, 2016.

  1. HardOCP News

    HardOCP News [H] News

    Messages:
    0
    Joined:
    Dec 31, 1969
    According to researchers, flawed uses of code hooking has introduced vulnerabilities that hackers can exploit in as many as fifteen products including those from big names like Symantec, McAfee and AVG.

    Researchers from data exfiltration prevention company enSilo found six common security issues affecting over 15 products when they studied how software vendors use ‘hooking’ to inject code into a process in order to intercept, monitor or modify the potentially sensitive system API (application programming interface) calls made by that process. Most of the flaws enSilo found allow attackers to easily bypass the anti-exploit mitigations available in Windows or third-party applications, allowing attackers to exploit vulnerabilities that they couldn’t otherwise or whose exploitation would have been difficult.
     
  2. the-one1

    the-one1 2[H]4U

    Messages:
    2,982
    Joined:
    Jan 16, 2003
    Doesn't everything have a security hole anyways? What's one more.
     
  3. cyclone3d

    cyclone3d [H]ardForum Junkie

    Messages:
    12,882
    Joined:
    Aug 16, 2004
    If it can be programmed, it can be hacked.
     
    Revdarian, Koolthulu and Armenius like this.
  4. Darunion

    Darunion 2[H]4U

    Messages:
    3,721
    Joined:
    Oct 6, 2010
    Hmm and it being massively publicized both causes these companies to get pressure to fix it and also now makes more people with bad intents aware of this.
     
  5. DukenukemX

    DukenukemX [H]ardness Supreme

    Messages:
    4,379
    Joined:
    Jan 30, 2005
    What's an anti-virus? Is that a Windows thing?

    [​IMG]
     
  6. steakman1971

    steakman1971 2[H]4U

    Messages:
    2,433
    Joined:
    Nov 22, 2005
    I have a wife and 2 kids that are not safe computer users. I picked Symantec's software - just great to read news like this. I've also restricted their access on the systems they use.
    Any suggestions to help control our users?