14 DAY TRIAL // German antivirus research institute AV-TEST has performed a new series of tests to determine how antivirus vendors manage to protect their own security solutions, analyzing the use of ASLR and DEP, signed files, and HTTPS for delivering updates.
The results aren’t at all surprising, as some of the developing companies are yet to make their products fully hackerproof using these technologies, instead leaving gaps that can be used by attackers to eventually hijack a system.
When it comes to ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention), AV-TEST says the top security products on the market, including here the ones from Avira, Bitdefender, Kaspersky, and Symantec, use these security technologies “without exception,” while AVG and BullGuard are pretty close with an almost perfect score.
“Additional manufacturers such as Comodo, Emsisoft, Avast, McAfee, ThreatTrack, Quick Heal and K7 do not use the technology consistently enough. Their rates range between 92.2 and 58.5 percent. Ahnlab, which achieved the lowest percentage, deploys ASLR & DEP even as low as 36.3 percent,” AV-TEST says.
Signed files and HTTPS
As far as signed files are concerned, not everyone seems to be embracing this method. Signed files allow security products to identify the developer of a specific application and check the integrity, determining whether any malicious changes have been made to a specific file.
Again, the top security suites out there come with signed files, including Bitdefender and Kaspersky, while in the case of Avira and AVG, 1 to 5 files are not signed or use an invalid certificate.
And last but not least, it appears that only 13 out of the 19 security products are using HTTPS for software and update distribution, with Avira, Bitdefender, ESET, and Kaspersky passing these tests with flying colors.
What’s worse is that some of the antivirus vendors whose solutions were tested say that technologies like ASLR and DEP cannot be implemented into their products.
“Some suppliers informed the lab experts after the last tests that their product files in the test would never reach 100 percent. Because they used protection technologies that were not compatible with ASLR and DEP. Yet the manufacturers do not wish to disclose which technologies are involved,” AV-TEST revealed.
