Many people believe that installing an antivirus program on their computer is all the protection they need. However, most of them do not know that the antivirus program itself can contain serious security flaws that put their privacy and data at risk. Individuals and organizations should keep auditing the programs on their systems so that vulnerabilities can be found.
Joxean Koret is a researcher at COSEINC, a Singapore-based security firm. He has warned organizations that they must keep auditing their antivirus programs or face many attacks against the vulnerabilities in their systems. Antivirus programs are themselves a huge vulnerability, and the programs they protect are put at significant risk as well. As a result, computers become more prone to attack, because the antivirus shield, which covers multiple applications, gives attackers an even larger surface to work with.
Over the last year he has been reviewing and analyzing antivirus products, and he claims to have found dozens of vulnerabilities in at least 14 programs. These vulnerabilities can easily be exploited remotely and even locally. They include bugs in the core of the products and even denial-of-service flaws, and they could easily give attackers access to the entire system and its connected network.
He said that exploiting an antivirus program is no different from exploiting the flaws of any other program. The programs do not use any special code to protect themselves. They either do not use DEP and ASLR or disable them completely. Because an antivirus protects every part of the computer while being unprotected itself, it gives attackers easy access to your data. He added that antivirus programs can give attackers root or SYSTEM access, because these programs run with the highest possible system privileges.
Koret mentions that these programs provide a huge attack surface for breaking into the system. Many antivirus programs do not even sign their updates and do not even use HTTPS to download them, which makes man-in-the-middle attacks easier.