Antivirus; The German AV-TEST Anti-Virus Research Institute has conducted a new series of tests to determine how vendor software vendors manage to protect their programs by analyzing the use of ASLR and DEP technologies, the use of signed files and use HTTPS to deliver updates.
The results are not at all encouraging, as some of the developing Companies they have not yet managed to protect their own products using these technologies. Thus software with security gaps that can be used by attackers to take over a system were observed.
Regarding ASLR technologies (Randomization layout Layout) and DEP (Data Execution Prevention), AV-TEST reports that leading products such as Avira, Bitdefender, Kaspersky and Symantec use these security technologies “Without Exception”, while AVG and BullGuard are quite close with an almost perfect result.
“Other manufacturers like Comfortable, Emsisoft, Avast, McAfee, ThreatTrack, Quick Heal and K7 do not use the technology consistently. Their percentages range between 92,2 and 58,5%. Ahnlab, which had the lowest percentage, has ASLR & DEP at 36,3%,” reports AV-TEST.
As for signed files, not everyone seems to be using this method. Signed files allow security products to identify the developer of a particular file applicationand check its integrity, determining whether malicious changes have been made to a particular file.
And this time, top security suites like Bitdefender and Kaspersky use signed files, and in the case of Avira and AVG, they are not signed by 1 to 5 files or do not use valid certificates.
Finally, it seems that only 13 from 19 security products use HTTPS to distribute software and updates (Avira, Bitdefender, ESET and Kaspersky).
Worse, some of the antivirus vendors whose solutions have been tested by AV-TEST state that technologies such as ASLR and DEP can not be applied to their products.
"Some suppliers have informed the laboratory experts after our last tests that their products will never reach 100%, because they used protection technologies that were not compatible with ASLR and DEP. However, the manufacturers do not want to reveal the technologies they use ", reports from AV-TEST.