Cyber security news for all


    Bitdefender deals with difficult security gaps

    A computer science student discovered some memory errors in Bitdefender’s software. Most of them should be easy to use to inject and execute your own code. It then runs with the rights of the software on the computer concerned. If you exploit these security gaps, you can bring a network completely under your control. All of the bugs are not really hard to find gaps, but rather for security researchers, like those that can easily be found. Almost half caused the lack of the important length in memory systems.

    The Software As A Security Risk

    The main problem is that AV software has to unpack countless file documents. In many cases, the code from simple tools, such as an open unpacker, is simply used. The student was able to trace many of the gaps he discovered back to the tools. But they were not written for the highest security requirements. But that is exactly what a software does: not on the command line, but in the background, it unpacks every suspicious data that passes it. And in the case of Bitdefender, without additional shielding. A hacker only has to push his exploit roughly in the direction of his victim. Tavis Ormandy, who has identified several such loopholes in AV software himself, promptly comments that it is “irresponsible to deliver code like this”.


    Security After Several Attempts

    Not a glory either: Bitdefender often needed several attempts to properly close the security vulnerabilities. In one case, it didn’t work until the fourth patch. After all, these security gaps in Bitdefender have all been fixed since the beginning of November. It starts all over again when someone starts the next function for an obscure file. Bitdefender has meanwhile confirmed that the vulnerabilities could possibly be exploited. However, that would not be as easy as shown. In addition, they would like to thank the safety researcher who helped make the products safer.

    Recent Articles

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox

    [tdn_block_newsletter_subscribe input_placeholder="Email address" btn_text="Subscribe" tds_newsletter2-image="730" tds_newsletter2-image_bg_color="#c3ecff" tds_newsletter3-input_bar_display="" tds_newsletter4-image="731" tds_newsletter4-image_bg_color="#fffbcf" tds_newsletter4-btn_bg_color="#f3b700" tds_newsletter4-check_accent="#f3b700" tds_newsletter5-tdicon="tdc-font-fa tdc-font-fa-envelope-o" tds_newsletter5-btn_bg_color="#000000" tds_newsletter5-btn_bg_color_hover="#4db2ec" tds_newsletter5-check_accent="#000000" tds_newsletter6-input_bar_display="row" tds_newsletter6-btn_bg_color="#da1414" tds_newsletter6-check_accent="#da1414" tds_newsletter7-image="732" tds_newsletter7-btn_bg_color="#1c69ad" tds_newsletter7-check_accent="#1c69ad" tds_newsletter7-f_title_font_size="20" tds_newsletter7-f_title_font_line_height="28px" tds_newsletter8-input_bar_display="row" tds_newsletter8-btn_bg_color="#00649e" tds_newsletter8-btn_bg_color_hover="#21709e" tds_newsletter8-check_accent="#00649e" embedded_form_code="YWN0aW9uJTNEJTIybGlzdC1tYW5hZ2UuY29tJTJGc3Vic2NyaWJlJTIy" tds_newsletter="tds_newsletter1" tds_newsletter3-all_border_width="2" tds_newsletter3-all_border_color="#e6e6e6" tdc_css="eyJhbGwiOnsibWFyZ2luLWJvdHRvbSI6IjAiLCJib3JkZXItY29sb3IiOiIjZTZlNmU2IiwiZGlzcGxheSI6IiJ9fQ==" tds_newsletter1-btn_bg_color="#0d42a2" tds_newsletter1-f_btn_font_family="406" tds_newsletter1-f_btn_font_transform="uppercase" tds_newsletter1-f_btn_font_weight="800" tds_newsletter1-f_btn_font_spacing="1" tds_newsletter1-f_input_font_line_height="eyJhbGwiOiIzIiwicG9ydHJhaXQiOiIyLjYiLCJsYW5kc2NhcGUiOiIyLjgifQ==" tds_newsletter1-f_input_font_family="406" tds_newsletter1-f_input_font_size="eyJhbGwiOiIxMyIsImxhbmRzY2FwZSI6IjEyIiwicG9ydHJhaXQiOiIxMSIsInBob25lIjoiMTMifQ==" tds_newsletter1-input_bg_color="#fcfcfc" tds_newsletter1-input_border_size="0" tds_newsletter1-f_btn_font_size="eyJsYW5kc2NhcGUiOiIxMiIsInBvcnRyYWl0IjoiMTEiLCJhbGwiOiIxMyJ9" content_align_horizontal="content-horiz-center"]