Security industry will change?

Is there anything worth fearing in the IT security world? For years McAfee, Symantec and manufacturers of anti-virus software have been constantly helping companies to keep their networks from virus, trojan and program code attacks. Toxic can cause significant damage. But still the " computer protection knights " but they are now trading security software is no longer able to resist attacks, the software itself is also taken advantage of to attack public users.

The recently discovered security holes in McAfee, Symantec, and Trend Micro security software allow hackers to take control of the computer. While most anti-virus software is distributed through network downloads, it is difficult for hackers to obtain these program codes. Not only that, these security flaws have also raised problems with the anti-virus industry's security response orientation. This is a new opportunity for Microsoft to step into the security market.

Earlier this week, Symantec officially revealed that its anti-virus library could be compromised through a buffer overflow error. Hackers can take full advantage of exploiting this security hole to hijack users' computers using this type of library. This security error affects a variety of Symantec products such as Norton SystemWorks Symantec, Symantec Norton Internet Security, Symantec Norton AntiVirus, Symantec Gateway Security, Brightmail Anti-Spam , and Symantec Client Security .

Security researcher Alex Wheeler was the first to report a security error in security products for Symantec. In fact, since February when he was a member of the X-Force research group of Internet Security Systems, Symantec's competitors, Wheeler discovered a security bug in the antivirus library that affected Brightmail AntiSpam. , AntiVirus Corporate Edition as well as other Symantec products. This security error could allow hackers to exploit the DEC2EXE module, a scanning engine that could access Ultimate Packer to execute eXecutables in compressed files and cause buffer overflow.

While Symantec has attempted to patch security holes in its products, McAfee competitor this week also officially warned users that a series of its versions of virus scanning software made mistakes. Authorized security ' overwrites an arbitrary file overwrite, which allows hackers to create and modify binary files to write data information to users' computers. McAfee quickly released this security patch.

Not only can Trend Micro's PC-Cillin Internet Security Antivirus security date be the exception. VeriSign iDefense has discovered that Trend Micro's security product has a security error that allows hackers to increase user access or to disable security. This security error affects versions 12.00 and 12.44. Hackers can take advantage of this security error to override system-level binary code, allowing them to hijack the user's computer system.

Thus, the problems that McAfee, Symantec, Trend Micro as well as products of other security firms show that these products are not better than other software at the software coding level, Burton Group specialist by Fred Cohen said. But since hackers cannot easily embed code into software distributed over the network, attacks to exploit security code can be exploited.

This issue raises a question about how much trust we put in these security software providers as well as on the update model they are working on. It must be a countermeasure to ensure but it must also be a measure based on users' trust in software providers when they have to install software on the computer. Cohen poses a question: ' What happens when someone right in these security companies installs a trojan on their system ?'

Meanwhile, these security flaws will make antivirus experts prove that their security software is the best. Microsoft is on the verge of entering this market. Gartner VP, along with colleague John Pescatore, said: ' Many antivirus software vendors say,' Yes, yes, anyone who buys Microsoft antivirus software when they themselves cannot keep the product itself. ' ' But if Microsoft products are cheaper than those of other developers, while those developers themselves cannot prove that their products are of higher quality than Microsoft. Failure is absolutely noticeable.

Some recent events may ignite the fire that changes the level of trust in the installation and update model of antivirus software. The long-term solution to combat disaster for antivirus software must be a model of trust initiative in which digital keys, certificates and passwords are stored on computer microprocessors. , server and hardware. ' These will be important effects on the dangerous anti-virus and spyware market for 5 to 7 years ,' Cohen said.

Why must there be such a long time? Because 15 million computers that PC vendors offer are not enough to influence. 'You need to have at least 100 million trusted computers,' Cohen said. This will not happen until the next round of PC replacement happens - a rotation takes 3 to 5 years.