14 DAY TRIAL // N.runs, a German company that specializes in IT consultancy, has put several antivirus products to the test for the past few months. A total of 800 flaws have been discovered, flaws that an attacker could exploit. The company says that antivirus software fails to do its job adequately and that instead of preventing an attacker from accessing the network, the software flaws will grant them access both to the network and the database.
N.runs says that after intense and rigorous testing it has found out that no virus scanner currently on the market is 100% secure. Company networks are vulnerable to DoS (denial of service) attacks or destructive code infiltration.
Antivirus scanners have to process all kinds of file formats quickly and in large numbers. All these files are split into blocks and structures and then scanned for malware and viruses. During the parsing process a malicious code can slip through and be executed.
N.runs offers details: "In short, the more parsing that takes place, the higher the recognition rate and the degree of protection from destructive software, but at the same time the larger the attack surface which makes the antivirus product itself a target."
What could happen if an attacker was successful? According to N.runs there are two possibilities: "Systematic industrial espionage, along with the interruption of all email communication, are two of the possible consequences."
In response to the current threat N.runs has launched aps-AV (short for Application Protection Security Anti-Virus), a software solution that works with the currently installed antivirus software in order to provide protection from viruses as well as both 0-Day and remote attacks. E-mail security is also a main concern of aps-AV, which is designed to work best on large networks (such as the ones used by large government or privately owned corporations).