"New Research Finds Bugs in Every Anti-Malware Product Tested"
New research from CyberArk found that most security tools used by organizations to combat malware attacks contain vulnerabilities that could be exploited by attackers to escalate privileges on a compromised system. CyberArk tested products from Symantec, Trend Micro, McAfee, Microsoft, and other major security vendors, and discovered bugs in all of them. According to Eran Shimony, the CyberArk researcher who discovered the flaws, all of the identified vulnerabilities stem from the incorrect use of system resources as an app runs in a privileged context. All of the security products tested by the company were vulnerable to DLL hijacking in which a malicious file is loaded into a privileged process. This article continues to discuss the root cause behind the bugs discovered in the anti-malware products tested by CyberArk and vendors' response to these vulnerabilities.
Dark Reading reports "New Research Finds Bugs in Every Anti-Malware Product Tested"