Rantburg

2010-05-09 Science & Technology
Proof of Concept Exploit Bypasses AV Programs
Posted by badanov 2010-05-09 05:32

#1 Just tie the AV software to a single processor.

BTW. I don't run ANY AV software.

1/ I use Firefox.
2/ I use a hardware firewall.
3/ I use adblock.

Nasties count = 0.
Posted by Bright Pebbles 2010-05-09 07:40

#2 So what are we end-users to do about it?

Short answer: Nothing.

Long answer:

It's just a concept right now, and as it was demonstrated, the malware is a one-two punch. The concept as it is now requires the machine to already be vulnerable to malware in order to use this method.
Posted by badanov 2010-05-09 11:08 || http://www.freefirezone.org

#3 Vista on a 64 bit VM, running on my Linux workstation. I have no worries at all, I simply restore the last saved VM session and any damage is gone. Even then, I use Firefox with NoScript & Ghostery (2 must-haves for security) and MSLive for AV+malware blocking.

If you want to be safe, simple: run Firefox with the 2 addons I mentioned (plus AdBlockPlus), keep the OS up to date with patches from MS, and use MSLive AV+firewall (free and works well enough - scan & update the AV daily, deep scan weekly via automated scheduler), and don't run binaries or click on links given by someone you don't personally know, and scan EVERYTHING.

If you aren't stupid, it's not easy to be compromised.
Posted by OldSpook 2010-05-09 11:36

#4 Yep.
A VM allowed no physical resources.
Start it up, start the browser.
Shut down the browser, destroy the VM.
Posted by Skidmark 2010-05-09 13:30

#5 I use a Mac :-)

Though I'm thinking of firing up Ubuntu inside VirtualBox inside the Mac, and then using Firefox from inside that. Kill it when I'm done, as you say.
Posted by Steve White 2010-05-09 15:26

#6 All that stuff is easy for y'all who know stuff about computers.

For the rest of us.... :-(
Posted by Barbara Skolaut 2010-05-09 17:41
