Evasion bug bites virus shields
By Joris Evers
Staff Writer, CNET News.com
Published: October 31, 2005, 4:55 PM PST
A flaw in several virus scanners could let a malicious file evade detection, a security researcher has warned...By adding some data to a file, an attacker could trick virus scanners into letting a malicious executable file pass through...The problem lies in the scanning engine, which won't detect files that have the extra data...
The problem affects numerous antivirus products, including software from Trend Micro, McAfee, Computer Associates and Kaspersky Lab....several products that are not affected, including software from Symantec, F-Secure and BitDefender... "This is one of the most significant antivirus vulnerabilities of recent times, as it affects the majority of scanner software...