They try to outwit the AV scanners, and yes it's an uphill battle for the AV companies to catch up with threats, especially given the very high prevalence and
seriousness of successful virus attacks.
AV companies work CONSTANTLY to try to cover vulnerabilities in their own scanners.
That's why it's so important to use a RANGE of products.
But as to the technical issue of parsing, YES AV programs can be enabled to deal with these threats, but first this is VERY COSTLY and second, we would all have to get into the habit of doing MUCH LENGTHIER all night AV scans for parsing attacks, perhaps as an extra option, if AV companies give us this ability.
AV companies DO TAKE vulnerabilities in their own code VERY SERIOUSLY.
It's just that covering ALL attack threats is a) very difficult b)takes a huge amount of time AND technical expertise to achieve.
I can only assume the publicity about these vulnerabilities is to try to coerce AV companies to respond and deal with such.
It would be FAR more responsible if security researchers outside of AV companies PRIVATELY contact AV companies, rather than give this information directly to possible virus attackers.....
Discussion on:
Message 13 of 1
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
