,
Many users think that a antivirus to date is sufficient to block the entry of malware on your computer. As is known, these software are the first target of cybercriminals, but not always include self-protection systems that prevent an attack on the files of the applications themselves. AV-Test examined 32 security suites (24 8 consumer and business) and found that only two products use 100% technical notes DEP and ASLR .
Cyber attacks exploit vulnerabilities in applications through which you can perform different actions, how to gain access to the operating system and take control of your computer remotely. All developers know that there is a software error-free and that the probability of finding a bug grows as the number of lines of code. For this reason, over 10 years ago, have been developed protective mechanisms, such as DEP and ASLR , which must be activated in the source code of the virus.
DEP (Data Execution Prevention) is implemented in hardware. The technology is present in AMD and Intel processors with the names EVP and XD-Bit. Its purpose is to prevent the execution of instructions in certain areas of memory, using attacks buffer overflow . ASLR (Address Space Layout Randomization), instead, tries to block the execution of code in memory locations known, allocating addresses randomly.
The analysis of AV-Test examined PE files (portable executable) in 32 and 64 bits of security suites and found that only 8 Eset Smart Security and Symantec Endpoint Protection implement DEP and ASLR 100% . The consumer suite produced by Avira, Norton, G Data, McAfee and AVG used these protections only for 64-bit versions. Notes software house, as Bitdefender, Panda and Trend Micro do not reach the average of 90%.
The producers, contacted by AV-Test, have stated that the lack of implementation of DEP and ASLR is linked to various factors including the use of security technologies proprietary technologies are not compatible with DEP and ASLR, and the use of third-party libraries that do not use DEP and ASLR.
No comments:
Post a Comment