Anti-virus software do a poor job of detecting exploits

Independent testing firm NSS Labs has reported that major commercial anti-virus products do a poor job of detecting the client side exploits used to attack vulnerabilities in Web browsers, Adobe Flash, Reader, and Apple QuickTime. Roughly half of the exploits tested were exact copies of the first exploit code to be made public against the vulnerability on a government funded web site for months, NSS Labs reports. The other half of those exploits were modified, they used different entry points in the targeted system’s memory. NSS Labs tested 123 client-side exploits with with 10 different anti-virus products. The average detection against original exploits was 76 percent. The average detection rate against modified exploits variants was even lower at 58 percent, NSS found. Another testing firm AV-Test reported that the industry average in protecting against exploits was 75 percent.

Apparently, most anti-virus software manufacturers have chosen to focus more on detected the malicious software variants delivered by these exploits than on blocking the exploits themselves. This shows the importance of patching software as soon as possible after a vendor releases a fix. You can use Secunia Personal Software Inspector which is a free security tool designed to detectvulnerable andout-dated programs and plug-ins which expose your PC to attacks. And, of course, keep your anti-virus software up to date.

Like us on Facebook