It's generally accepted that antivirus programs provide a necessary protection layer, but organizations should audit such products before deploying them on their systems because many of them contain serious vulnerabilities, a researcher warned.
According to Joxean Koret, a researcher at Singapore security firm COSEINC, antivirus programs are as vulnerable to attacks as the applications they're trying to protect and expose a large attack surface that can make computers even more vulnerable.
Koret spent the last year analyzing antivirus products and their engines in his spare time and claims to have found dozens of remotely and locally exploitable vulnerabilities in 14 of them. The vulnerabilities ranged from denial-of-service issues to flaws that allow potential attackers to elevate their privileges on systems or to execute arbitrary code. Some bugs were located in antivirus engines (the core parts of antivirus products) and some in various other components.