AV-Test: antivirus vendors should better protect their own software

Posted 02 May 2017 18:45 CEST by Jan Willem Aldershoff

While antivirus products should protect computers against all kinds of threats, the developers of the software should put more effort in making their own software more secure. This according to tests performed by  German AV-Test that analyzed 32 antivirus products for consumers and companies.

AV-Test rated the software based on their use of ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention) which are measures that should make it harder for attackers to abuse vulnerabilities in software. The antivirus software was also rated on the usage of signed files and the usage of HTTPS to offer updates.

Half of the tested antivirus applications fully utilized ASLR and DEP which is an improvement over a test that AV-Test conducted in 2014, when only 2 antivirus vendors utilize those technologies.  Some antivirus vendors told AV-Test to never be able to fully use ASLR and DEP because their protection technology is incompatible with these security measures.

Another test item was the use of signed files. This way the developer of a file can be identified. For security this is important as the antivirus software can check the authenticity and integrity of its own files. Fifteen vendors distributed unsigned files or files that were signed with an invalid certificate.

The last test item was the security of the file distribution. According to AV-Test all software should be offered through HTTPS. In case HTTP is used, an attacker is able to manipulate the download and replace the original update with malware or a modified version. From the 19 vendors that offer a direct download of their software, 13 used the insecure HTTP.

AV-Test notes that security companies, especially because of their role in the software industry, should give a good example and that there’s lots of room for improvement. Only Bitdefender, ESET and Kaspersky Lab fully utilize ASLR and DEP, sign all files with valid certificates and offer secure downloads.

The CTO of AV-Test, Maik Morgenstern, does add that while the security of some antivirus vendor isn’t on par, it doesn’t mean users should use any antivirus software at all, “the test indicates that some manufacturers, through complacency, weaken their own security software due to potential security gaps. But using this as a reason to forgo all protection would result in even graver consequences.”



Myce.com settings

Several settings at Myce.com can be changed, they are stored in cookies, which means they will be reset if you clear Myce.com cookies

Background

Change the background to a plain color or trianglified image (similar to the default image)

No tracking features

At Myce most social media feature are done server side and impose no privacy risk to the visitor when not used. Several features use Javascript with you can turn off here

Layout

Switch to the List layout for an index with chronologycally listed news items or Grid layout for a block based layout. To see the change you need to reload the page

×