A vulnerability in antivirus scanners. Found by Rack911labs

Forums VoodooShield Support Forum General VoodooShield Discussions A vulnerability in antivirus scanners. Found by Rack911labs

  • Post
    GrDukeMalden
    Participant
    US
    This article https://www.rack911labs.com/research/exploiting-almost-every-antivirus-software/#1582913022163-15564610-57a3 explains how a lot of antivirus programs can be exploited by taking advantage of the time between detecting malware and moving that malware to the quarantine.

    Perhaps Daniel San can step in and explain this better, but from what I saw in Rack911labs’ demo video on windows. Running voodoo along side the antivirus of your choice will prevent this kind of attack in always on mode. Because this exploit requires the use of a command line and every windows system file is protected by voodoo against those kinds of things.

    |VPN(paid)| VoodooShield(Paid)|   SecureAPlus (Paid,Pro)| Sandboxie Plus, by Xanasoft| HitManPro.Alert!(Paid)|
    0
    0
Viewing 1 replies (of 1 total)
  • Replies
    Dan
    Keymaster
    US
    Interesting, thank you for letting me know.  Yeah, I think VS would handle this just fine, but if you find a PoC, please let me know and we will test to be sure.
    1
    0
Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.