A recent NSSLabs report testing antivirus suites against web exploits indicates that popular antivirus programs may provide weak protection against web exploits.
The NSSLabs report tested 10 major antivirus suites for their ability to stop 'exploits' in common web programs such as browsers, email, instant messaging, file sharing, online media players, and more.
According to NSSLabs report, these antivirus suites blocked between 29% to 91% of exploits in web programs, the best being from Trend Micro.
And as a Google News search for web exploits will show, these attacks aren't exactly uncommon. In fact, web exploits are now the leading type of attack on personal computers, taking presidence over operating system holes. For this reason, even Apple has discussed antivirus.
While Antivirus Companies have raised serious concerns regarding the experiment conditions set forth in the NSSLabs report (see responses from AMTSO, AVG, and Norton), it does bring up a good point: as hundreds and thousands of web applications go un-updated on users' personal computers, can antivirus suites be expected to account for all possibilities?
I think the clear answer is no. This means at least for the time being it is up to the end user, you, to make sure your operating system, browser, instant messenger, file share, and all other programs are the latest version. Otherwise, you just might find yourself the next victim of the Cameron Diaz virus: http://bit.ly/c6LZdX
No comments:
Post a Comment