Results 1 to 7 of 7

Thread: New Windows malware bypasses most current antivirus apps

  1. #1
    HappyAndyK's Avatar
    HappyAndyK is offline Site Administrator
    Join Date
    Jun 2008
    Posts
    7,542

    Exclamation New Windows malware bypasses most current antivirus apps

    Researchers at Matousec have found malware that could potentially compromise nearly every Windows XP system using current antivirus software. KHOBE (Kernel Hook Bypassing Engine) takes advantage of the vulnerable System Service Descriptor Table to trick Microsoft's OS into accepting rogue code.

    Few antivirus programs today can protect against an attempt since they can't stop the switch after they've already examined what was believed to be the original code.

    The attacks won't work properly on Windows Vista or 7 systems.



    New Windows malware bypasses most current antivirus apps | Electronista

  2. #2
    dkszone is offline New Member
    Join Date
    Jul 2009
    Posts
    9

    Default

    Yep. Malware is one of the biggest threat in internet. It's a good idea to scan suspicious files using Virus Total which scans the file using 41 different antivirus engines.

  3. #3
    MrMBerman's Avatar
    MrMBerman is offline Senior Member
    Join Date
    Mar 2009
    Location
    Tel Aviv / London / Bukidnon
    Posts
    340

    Default

    Quote Originally Posted by dkszone View Post
    Yep. Malware is one of the biggest threat in internet. It's a good idea to scan suspicious files using Virus Total which scans the file using 41 different antivirus engines.
    It's just not very practicable to upload files manually to an online service no matter how good Virus Total is. A better solution is good quality products working together locally on your PC.

  4. #4
    hackerman1 is offline Senior Member
    Join Date
    Dec 2008
    Location
    Sweden
    Posts
    1,525

    Default

    hi !

    its a HOAX !

    there is no "BIG" danger....
    this "new" security problem is 20+ years old....

    some links posted by Corrine on sevenforums:

    Race Conditions aka TOCTOU and now KHOBE Fran's Computer Services' Blog

    http://www.darkreading.com/blog/arch...Y_2010-05-11_h

    Further discrediting of Matousec's findings: Evilcodecave: Ruining a Myth - KHOBE The AntiVirus Earthquake - Pure Hysteria
    Last edited by hackerman1; 17th May 2010 at 09:08.

  5. #5
    roraniel's Avatar
    roraniel is offline Gold Member
    Join Date
    Oct 2008
    Location
    Pinehurst, NC
    Posts
    860

    Default

    Hoax or not, just another reason to upgrade to Windows 7.

  6. #6
    hackerman1 is offline Senior Member
    Join Date
    Dec 2008
    Location
    Sweden
    Posts
    1,525

    Default

    it IS a HOAX.

    are there ANY reason not to upgrade to W7 ?
    Last edited by hackerman1; 17th May 2010 at 18:03.

  7. #7
    HappyAndyK's Avatar
    HappyAndyK is offline Site Administrator
    Join Date
    Jun 2008
    Posts
    7,542

    Default

    Interesting!

    Wonder how Matousec will react now!!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22