Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Tests find security tools failures

Jeremy Kirk | March 9, 2011
A new round of antivirus testing found some products fail to detect malware that tries to infect a computer via a different attack vector, such as through a local network fileshare or a USB drive.

But one attack vendor where most security companies are still lacking is detecting malicious payloads that are written only to memory, also known as single-use malware. Malware can, for example, masquerade as a permitted DLL (Dynamic Link Library), which skirts around DEP (Data Execution Prevention) security features in OSes.

"This type of attack circumvents protections that lack behavioral analysis for these attacks," NSS Labs wrote. Only three products from Kaspersky, McAfee and Sophos have features to protect against that style of attack.

NSS Labs, which does not accept money from vendors for its testing, is selling the report on its website for $995.

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.