Beware! Poison .bats ahead!

Subject: General Tech | November 1, 2005 - 11:49 AM |
Tagged:

CNet reports on a vunerablility affecting many popular Anti-Virus programs.  They describe a "magic bit" that could be added to a .bat file, that will make your scanner completely ignore the file instead of scanning it.


"By adding some data to a file, an attacker could trick virus scanners into letting a malicious

executable file pass through, security researcher Andrey Bayora wrote in an advisory last week.

The problem lies in the scanning engine, which won't detect files that have the extra data. Bayora

refers to that extra data as the "Magic Byte."

The problem affects numerous antivirus products, including software from Trend Micro, McAfee,

Computer Associates and Kaspersky Lab, said Bayora, who works as a computer security consultant in

Israel. His advisory also lists several products that are not affected, including software from

Symantec, F-Secure and BitDefender."


Here is some more Tech News from around the web:


Tech Talk

The Inquirer

  • TARGET="_blank">Waiting on a Revolution: a look ahead at the next-generation console wars @ Ars

    Technica


  • FragBox 2 Failure
  • Ruffles Falcon Feathers @ [H]ard|OCP

  • HREF="http://news.com.com/Bulging+capacitors+haunt+Dell/2100-1003_3-5924742.html?tag=html.alert"

    TARGET="_blank">Bulging capacitors haunt Dell @ CNET


  • The Science of SPAM @ PC
  • Mechanic

  • Blizzard's 2005
  • Blizzcon: Day 1 @ Legit Reviews

  • How RFID Is Impacting Our
  • Lives @ The TechZone

  • Kodak EasyShare
  • One Digital Camera Evaluation @ DesignTechnica


    No comments posted yet.

    Post new comment

    The content of this field is kept private and will not be shown publicly.
    • Lines and paragraphs break automatically.
    • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote><p><br>
    • Web page addresses and e-mail addresses turn into links automatically.

    More information about formatting options

    By submitting this form, you accept the Mollom privacy policy.