Anti-Virus Definitions & Malware

Anti-Virus Definitions & Malware
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Antivirus Discussions    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Anti-Virus Definitions & Malware D. Spencer Hines 12-14-2006
Posted by D. Spencer Hines on December 14, 2006, 3:47 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
One of the most effective methods of spreading a virus or Trojan would
probably be to hide the virus or Trojan in an anti-virus definitions update
and then persuade thousands of people to download and install it.

Is this a consideration that has been given by consumers when they install
freeware and El Cheapo Anti-Virus Programs onto their computers -- AND by
the companies who promulgate the software?

Would not fly-by-night outfits which don't have sufficient personnel and
astute management to ensure the security of their own virus updates be
particularly vulnerable and untrustworthy?...

Not that the Big Anti-Virus Companies are not also vulnerable.

DSH



Posted by =?Utf-8?B?UGFuZGFfbWFu?= on December 14, 2006, 4:20 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
"D. Spencer Hines" wrote:

> One of the most effective methods of spreading a virus or Trojan would
> probably be to hide the virus or Trojan in an anti-virus definitions update
> and then persuade thousands of people to download and install it.
>

Ok , Can be done ... BUT ...

This can't happen by accident . Antivirus softwares download the definitions
and apply them only if they are digitally signed by the vendor . When applied
it is 100% sure the vendor provided that and so when millions of people
understand what happened , they will stop using that program , they will sue
the company ................. and a long story

--
Panda_man
Silver level Contributor

Posted by D. Spencer Hines on December 14, 2006, 4:46 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
All it takes is a Key Group of Disgruntled Employees -- perhaps just a small
group -- given the Right Circumstances and Inadequate Security Checks.

I never said it was going to happen by ACCIDENT.

DSH


> "D. Spencer Hines" wrote:
>
>> One of the most effective methods of spreading a virus or Trojan would
>> probably be to hide the virus or Trojan in an anti-virus definitions
>> update
>> and then persuade thousands of people to download and install it.
>>
>
> Ok , Can be done ... BUT ...
>
> This can't happen by accident . Antivirus softwares download the
> definitions
> and apply them only if they are digitally signed by the vendor . When
> applied
> it is 100% sure the vendor provided that and so when millions of people
> understand what happened , they will stop using that program , they will
> sue
> the company ................. and a long story
>
> --
> Panda_man
> Silver level Contributor



Posted by David H. Lipman on December 14, 2006, 4:39 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

| One of the most effective methods of spreading a virus or Trojan would
| probably be to hide the virus or Trojan in an anti-virus definitions update
| and then persuade thousands of people to download and install it.
|
| Is this a consideration that has been given by consumers when they install
| freeware and El Cheapo Anti-Virus Programs onto their computers -- AND by
| the companies who promulgate the software?
|
| Would not fly-by-night outfits which don't have sufficient personnel and
| astute management to ensure the security of their own virus updates be
| particularly vulnerable and untrustworthy?...
|
| Not that the Big Anti-Virus Companies are not also vulnerable.
|
| DSH
|

FUD.

There is a much greater propensity by magnitudes of a malicious person
exploiting a
vulnerability known to exist, and not patched, in one's anti virus application.
Trend
Micro, Symantec, Kaspersky, Sophos, McAfee, etc, all have had a vulnerability
that could be
exploited to install new malware.

The download sites of the anti virus vendors are highly protected sites and a
person with
malicious intent would have great difficulty of inserting malware in *any*
signatures.
Especially when you consider CRC and checksums being performd on the signatures.

I will admit there was ONE case of a BIOS manufacturer having a disgruntled
employeee who
managed to slip some nafarious code in a batch of BIOS chips. This was not
viral and was
close to be a trojan type of payload. Since then great deal of manufacturer
protections
steps have been taken.

Again, your post is FUD.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Posted by D. Spencer Hines on December 14, 2006, 4:57 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
You obviously did not READ what I WROTE, but larked off on your own hobby
horse.

I never said someone could very easily hack the download site and insert
malware.

Screw your head on right and think about Disgruntled Employees.

DSH



> FUD.

<Balderdash Snipped>

> Again, your post is FUD.

> The download sites of the anti virus [sic] vendors are highly protected
> sites and a person with malicious intent would have great difficulty of
> [sic] inserting malware in *any* signatures. Especially when you
> consider CRC and checksums being performd [sic] on the signatures.

<Additional Balderdash Snipped>

> Again, your post is FUD.

DSH

Lux et Veritas et Libertas



Similar ThreadsPosted
Definitions for ClamWin April 5, 2006, 4:44 pm
New Malware.j August 29, 2005, 6:02 am
malware September 5, 2005, 11:16 am
Malware March 5, 2006, 7:39 am
VBS: Malware (GEN) March 14, 2006, 3:11 pm
Spyware/malware July 20, 2005, 6:09 am
Is ewgef.exe malware? November 12, 2005, 12:03 am
RE: SafetyDefender MalWare April 22, 2006, 5:41 am
Re: SafetyDefender MalWare April 30, 2006, 5:11 pm
pup/malware removal help May 17, 2006, 3:10 pm

The site map in XML format XML site map

Contact Us | Privacy Policy