Cyber security news for all

More

    Bitdefender deals with difficult security gaps

    A computer science student discovered some memory errors in Bitdefender’s software. Most of them should be easy to use to inject and execute your own code. It then runs with the rights of the software on the computer concerned. If you exploit these security gaps, you can bring a network completely under your control. All of the bugs are not really hard to find gaps, but rather for security researchers, like those that can easily be found. Almost half caused the lack of the important length in memory systems.

    The Software As A Security Risk

    The main problem is that AV software has to unpack countless file documents. In many cases, the code from simple tools, such as an open unpacker, is simply used. The student was able to trace many of the gaps he discovered back to the tools. But they were not written for the highest security requirements. But that is exactly what a software does: not on the command line, but in the background, it unpacks every suspicious data that passes it. And in the case of Bitdefender, without additional shielding. A hacker only has to push his exploit roughly in the direction of his victim. Tavis Ormandy, who has identified several such loopholes in AV software himself, promptly comments that it is “irresponsible to deliver code like this”.

    Bitdefender

    Security After Several Attempts

    Not a glory either: Bitdefender often needed several attempts to properly close the security vulnerabilities. In one case, it didn’t work until the fourth patch. After all, these security gaps in Bitdefender have all been fixed since the beginning of November. It starts all over again when someone starts the next function for an obscure file. Bitdefender has meanwhile confirmed that the vulnerabilities could possibly be exploited. However, that would not be as easy as shown. In addition, they would like to thank the safety researcher who helped make the products safer.

    Recent Articles

    New malware called Egregor is on the rise

    New malware is on the rise. The Egregor malware has only been in active for 2 months, but it is already becoming apparent that...

    Anyone with a smartphone can become a victim of cyber-mobbing

    Cyber-mobbing is becoming a huge risk in the current COVID crisis. According to a study, almost 20 percent of students in Germany are exposed...

    macOS Trojans: Traces lead to Vietnam

    Security researchers have discovered a new macOS Trojans. Behind this could be a well known hacker group that has spied on Vietnamese dissidents in...

    Court forces Tutanota to perform a surveillance function

    Tutanota email only stores its user mails in encrypted form and cannot read them itself. Tutanota is one of the few email providers that...

    Manchester United have been blackmailed by cyber attackers

    The Premier League club Manchester UnitedĀ fell victim to a cyber attack according to the Daily Mail. The cyber criminals are apparently demanding ransom in...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox