Vulnerabilities in AntiVirus engines-is F-Secure safe?

Interesting read here on the vulnerabilities and exploitations of AV engines; https://twitter.com/matalaz/status/451934665830436864

 

Many AV engines have weaknesses, including F-Secure. Should users be concerned?

 

SnapCrab_NoName_2014-4-4_17-17-11_No-00.png

 

SnapCrab_NoName_2014-4-4_17-17-41_No-00.png

 

SnapCrab_NoName_2014-4-4_17-18-17_No-00.png

 

 

 

 

Best Answer

  • gancalgancal Posts: 23
    Accepted Answer

    Hello Blackcat,

     

    Thanks for bringing this up to us.

     

    We are aware of the vulnerabilities in our product engine and have released fixes for them in the latest database update. Our customers do not need to manually apply hotfixes or patches as this was done through our normal database update channel. 

     

    We at F-Secure is taking this issue very seriously and are investing in improving our software security practices. Should you have concerns or questions regarding this issue, kindly send an email to [email protected] Thank you for your cooperation!

     

    Regards,

    Calvin Gan

    F-Secure Security Report Coordinator

Comments

  • BlackcatBlackcat Posts: 511

    Problems seem to be with the BitDefender engine;

     

    SnapCrab_NoName_2014-4-4_17-21-2_No-00.png

     

    SnapCrab_NoName_2014-4-4_17-21-50_No-00.png

     

     

    Recommendations for AV users;

     

    SnapCrab_NoName_2014-4-4_17-22-38_No-00.png

  • SimonSimon Posts: 2,583

    I would perhaps question the merits of an article where the writer can't spell Finland (Finnland?).  To be honest, it looks like a little bit of a scare story to me.  dunno.gif

    Chrissy
  • BlackcatBlackcat Posts: 511

    A little unfair , Simon.

     

    Joxean Koret, who gave this presentation, is Basque so English may not be his strongest language.

     

    Further, he is a well-respected security researcher;  http://syscanblog.blogspot.co.uk/

     

    "Speakers who have presented in previous SyScan conferences are among the best and brightest in their respective field".

     

     

  • SimonSimon Posts: 2,583

    OK.  I've not heard of the guy, to be honest, but fair comment.

  • siramicsiramic Posts: 43

    Not to feel to bad, Simon, as I thought the same thing as you, who is this guy who comes out of the woodwork and pronounces all these shortcoming or exploits of security vendors software (esp. BD) let alone on a twitter account link. I'm not trying to pile on Blackcat, as I appreciate your contributions here, complete with photos and links to back yourself up, giving your post excellent merit, so kudos to you :)

     

    I guess we're all so used to hearing of such things from the bigger names we all know, i.e. AV-Comparatives, which in this case had a nice commissioned firewall study that showed Windows firewall very competent against Public network attacks. This hopefully gives us reassurance in that regard, that Windows firewall together with F-Secure and DeepGuard may be ok after all Smiley Wink  http://www.av-comparatives.org/wp-content/uploads/2014/03/avc_fw_201403_en.pdf

This discussion has been closed.