Threat Alert: Antivirus Killers

Malware and viruses have always targeted various holes in your PC's defenses. But increasingly, virus writers are targeting security software itself. Some viruses try to block your antivirus software's efforts to connect to its parent company for critical updates, while others attempt to shut down security software entirely. And though Windows remains the biggest single source of security holes, researchers are now finding significantly more flaws in the utilities we turn to for protection than in the operating system the software is meant to guard.

According to a Yankee Group report, which examined government statistics, the number of reported vulnerabilities in security software overtook those reported for Windows at the end of 2004. From the beginning of 2004 through May 2005, there were 77 flaws affecting antivirus apps and other security products, increasing at a far faster rate than for Windows.

All the newly reported vulnerabilities provide a challenge to antivirus companies, says Shane Coursen, senior technology consultant for Kaspersky Labs. If virus writers were to succeed in invading computers through an open door in security software, it would erode the confidence in antivirus programs that has built up slowly in the public's mind, he says.

So far only one malicious program has successfully exploited a hole in security software on a large scale: 2004's Witty worm, which targeted software from Internet Security Systems. But the ever-growing rate of discovered vulnerabilities in security tools, combined with the decreasing rate in Windows, makes security software an even more likely target.

While antivirus programs aren't perfect, they're still a critical part of keeping your computer safe. Make sure you have a good one. And keep in mind that its protection is not absolute.

Protect Yourself

Get top-notch antivirus software: Be sure to see our latest review.

Check for updates: Right-click the program's icon in the system tray and check the virus definition date. If it's more than a week old, something could be blocking automatic updates.

Use an online scanner: If your software isn't updating and you have other signs of an infection--like adware programs that seem to come back instantly after you remove them--turn to one of the free online virus scanners at Kaspersky.com or Bitdefender.com.

See the Complete Special Report

The New Security War: In this Special Package
Best Defenders and Spy Sweeper Leads the Field (chart)
The Hidden Money Trail
Privacy in Peril
Is the Net Doomed?
Threat Alert: Spear Phishing
Threat Alert: Antivirus Killers
Threat Alert: Instant Messaging Attacks
10-Step Security
Security by the Numbers
More Security Resources on the Web

Also See Our In-Depth Online Series
Web Of Crime

Subscribe to the Security Watch Newsletter

Comments