Windows hack bypasses AV software

Insecurity experts at Matousec.com have just released details of a new attack that bypasses the security protections of most current antivirus software.

The outfit said that it is very serious, so no smiles here then.

Matousec.com said that attackers could exploit the kernel driver hooks that most security software uses to reroute Windows system calls through its own code, so it can check for potentially malicious code before it’s able to execute.

Dubbed an “argument-switch attack,” the technique has the attacker swap out benign code for malicious code between the moment when the security software issues a green light and the moment the code executes. Alfred Huger, vice president of engineering at Immunet, another antivirus company, said this is definitely very serious.

We were not planning to make the “this is not an argument-switch it is a contradiction” gag, honest.

Basically it hits Windows XP and Vista 32-bit models and works on nearly three dozen Windows desktop security titles, including ones from Symantec, McAfee, Trend Micro, BitDefender, Sophos and others.
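The check-then-use gap described above, modelled in user space as an added example (not Matousec's code or any vendor's). The hook names, the `blocked.exe` policy and the simulated rewrite are assumptions made for illustration: the weak hook lets the service re-read the caller's buffer after the check, the hardened one checks and uses a single private copy.

```c
#include <stdio.h>
#include <string.h>

#define ARG_LEN 64

/* Constructed stand-in for an argument buffer the caller can still write to. */
typedef struct { char path[ARG_LEN]; } user_arg;

/* Hypothetical policy: the security product blocks exactly one name. */
static int policy_allows(const char *path) {
    return strcmp(path, "blocked.exe") != 0;
}

/* Models the caller changing the buffer after the check has passed. */
static void caller_rewrites(user_arg *arg) {
    strcpy(arg->path, "blocked.exe");
}

/* Stand-in for the real system call: returns 1 if it acted on a blocked name. */
static int original_service(const char *path) {
    return !policy_allows(path);
}

/* Weak hook: checks the caller's buffer, then lets the service read it again. */
int hook_double_fetch(user_arg *arg) {
    if (!policy_allows(arg->path)) return -1;   /* denied up front */
    caller_rewrites(arg);                       /* gap between check and use */
    return original_service(arg->path);         /* sees the switched value */
}

/* Hardened hook: copies the argument once, then checks and uses only the copy. */
int hook_capture_once(user_arg *arg) {
    char snap[ARG_LEN];
    memcpy(snap, arg->path, sizeof snap);
    snap[sizeof snap - 1] = '\0';
    if (!policy_allows(snap)) return -1;
    caller_rewrites(arg);                       /* too late to matter */
    return original_service(snap);
}

/* Runs one hook against a fresh, initially benign argument. */
int demo(int (*hook)(user_arg *)) {
    user_arg a = { "benign.exe" };
    return hook(&a);
}

int main(void) {
    printf("double fetch: %d, capture once: %d\n",
           demo(hook_double_fetch), demo(hook_capture_once));
    return 0;
}
```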

Mikko Hypponen, chief research officer at Finnish firm F-Secure, agreed in an e-mail that the flaw was serious. So we will not be making the gag about the two viruses going into a pub. No way.

Kaspersky Lab has officially announced that it is not as serious as all that, as it only buggers up some of the features of its products. So don’t go Russian into replacing anything too quickly.