Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
A security researcher has claimed that NOD32 anti-virus will not remove malware that has executable but not read or write permissions.
The researcher claimed NOD32 allowed malware "to run unimpeded" but the company did not respond to attempts to confirm the flaw.
Avast anti-virus was also affected although it later fixed the flaw after it was notified.
The researcher said Eset, which owns NOD32, did not respond when it was privately notified of the flaw.
"The vulnerability discussed here is that some antivirus software fail to perform their functions if the malware file is missing read, write or delete permissions," the researcher said. "They might not scan the file contents, not delete, or not disinfect it."
The anti-virus flaw was detected with NOD32 running on a virtualised Windows XP Professional SP3 using the Back Orifice 2000 server file (bo2k.exe) with file permissions set to only allow execution.
NOD32 versions 5.0.93.0, 5.0.94.0 and earlier, 4.2.71.2 and earlier and 4.0.x were reportedly affected.
Copyright © SC Magazine, Australia
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.