14 DAY TRIAL // We all knew that a powerful antivirus supposed to block threats and protect your computer can turn into a serious danger for your computer due to several reasons. But as Sergio Alvarez and Thierry Zoller, N.runs security researchers, stated, the vulnerabilities discovered in the antivirus technologies can be easily used by hackers to exploit an affected system. SecurityFocus informed that the two security experts discovered no less than "80 parsing vulnerabilities in various antivirus products," a matter that should really raise concerns among the security vendor that aim to protect users' computers.
"Current AV DiD (antivirus defense-in-depth) implementations define 'the worst possible way' an antivirus product may fail as 'Fails to detect a threat' or 'Fails to detect a virus,' whereas in reality the worst possible way is a more severe one: Compromise of the underlying OS (operating system) through the antivirus engine," the two researchers stated according to SecurityFocus.
The report published by Sergio Alvarez and Thierry Zolller and uploaded on the N.runs' official page includes numerous antivirus-related details as well as traditional facts which should not be trusted by the consumers. For example, "Antivirus Software is secure," "I use Antivirus Software, I will not get infected" or "My Antivirus Software detects even unknown viruses" are only old myths which are pretty silly these days.
Now we're sure that a simple vulnerability discovered in one of our powerful antivirus technologies can make the application meant to protect our computers really dangerous for the data stored on them. Certainly, we also need an experienced hacker to be able to exploit the flaws but since there are numerous websites and communities talking about them, the attackers can stay up-to-date with the latest security glitches with ease.
Just one tiny piece of advice: keep your antivirus updated with the latest virus definitions and don't forget to apply the latest patches as soon as possible because they are always meant to correct the newest issues discovered in the applications.