1
0
mirror of https://github.com/PrivSec-dev/privsec.dev synced 2024-11-09 08:21:32 -05:00

Typo in Badness Enumeration (#185)

Signed-off-by: jermanuts <109705802+jermanuts@users.noreply.github.com>
This commit is contained in:
jermanuts 2023-11-28 23:52:32 +03:00 committed by GitHub
parent d066234e55
commit c3658917f1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -33,7 +33,7 @@ The best way to do DNS filtering is to use a VPN provider which has this feature
Antiviruses are highly privileged processes with access to virtually all of your files and data, parsing through them trying to find something that matches a known bad signature. Beyond the fact that you need to trust the Antivirus company to not exfiltrate your sensitive data and that the signature list will never have all of the malware in existence, a vulnerable parser could lead to a system compromise. The [Abusing File Processing in Malware Detectors for Fun and Profit](/researches/Abusing-File-Processing-in-Malware-Detectors-for-Fun-and-Profit.pdf) research paper by Suman Jana and Vitaly Shmatikov discusses this in detail. Antiviruses are highly privileged processes with access to virtually all of your files and data, parsing through them trying to find something that matches a known bad signature. Beyond the fact that you need to trust the Antivirus company to not exfiltrate your sensitive data and that the signature list will never have all of the malware in existence, a vulnerable parser could lead to a system compromise. The [Abusing File Processing in Malware Detectors for Fun and Profit](/researches/Abusing-File-Processing-in-Malware-Detectors-for-Fun-and-Profit.pdf) research paper by Suman Jana and Vitaly Shmatikov discusses this in detail.
Here are some other examples of Anviruses being attack surfaces on their own: Here are some other examples of Antiviruses being attack surfaces on their own:
- [Arbitrary Code Execution with Avast's Javascript Interpreter](https://github.com/taviso/avscript) - [Arbitrary Code Execution with Avast's Javascript Interpreter](https://github.com/taviso/avscript)
- [Memory Corruption with Bitdefender](https://landave.io/2020/11/bitdefender-upx-unpacking-featuring-ten-memory-corruptions/) - [Memory Corruption with Bitdefender](https://landave.io/2020/11/bitdefender-upx-unpacking-featuring-ten-memory-corruptions/)
- [Kaspersky in the Middle](https://web.archive.org/web/20210729054039/https://palant.info/2019/08/19/kaspersky-in-the-middle-what-could-possibly-go-wrong/) - [Kaspersky in the Middle](https://web.archive.org/web/20210729054039/https://palant.info/2019/08/19/kaspersky-in-the-middle-what-could-possibly-go-wrong/)