You know that thing you trust to accept untrusted data...

Subject: Editorial, General Tech | May 21, 2013 - 10:53 PM |
Tagged: antivirus, antimalware

They might be a good means of guarding you from momentary lapses of judgment, but security is not equivalent to antivirus packages. You always need to consider how much your system is exposed to untrusted and even unsolicited data. Any software which accepts untrusted data has some surface with potential vulnerability to attack.

This, inherently, includes software which accepts data to scan it for malware.

View Full Size

Last week was host to Patch Tuesday, and one of its many updates fixed a vulnerability in Microsoft's Malware Protection Engine (MPE). The affected code is only present in applications which run the 64-bit version of the engine. For home users, these applications are: Microsoft Security Essentials (x86-64), Microsoft Malicious Software Removal Tool (x86-64), and all varieties of Windows Defender (x86-64). For enterprise users, MPE is also a part of Forefront and Endpoint applications and suites.

Despite the irony, I will not beat up on Microsoft. As far as I know, these vulnerabilities are semi-frequently patched in basically any antimalware application. At the very least, Microsoft declares and remedies problems with reasonable and appropriate policies; they could have just as easily buried this fix and pushed it out silently or worse, wait until it becomes actively exploited in the wild and even beyond.

But, and I realize I am repeating myself at this point, the biggest takeaway from this news: you cannot let the mere presence of antivirus suites permit you to be complacent. No scanner will detect everything, and some might even be the way in.

May 22, 2013 | 04:27 PM - Posted by Robert (not verified)

What's the most trustworthy security software that doesn't eat up a lot of processing or RAM?

May 22, 2013 | 05:44 PM - Posted by Scott Michaud

I, personally, use Microsoft Security Essentials because there is little reason not to. Mainly you just need to be not complacent as that is almost always the cause of security issues.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote><p><br>
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

By submitting this form, you accept the Mollom privacy policy.