Research shows antivirus products vulnerable to attack

A Google researcher has been reporting severe vulnerabilities in security suites from Kaspersky, Trend Micro, MalwareBytes, FireEye, AVG, ESET and now Comodo.

Google security researcher Tavis Ormandy has long been a pain to vendors of commercial software with significant bugs, which is to say all vendors of all commercial software.

Lately he has been on a tear finding truly shocking vulnerabilities in commercial Windows security suites, what most people call antivirus. The latest: "Comodo Internet Security installs and starts a VNC server by default," and does not restrict access to it. VNC is an open source remote control tool.

In fact, Ormandy is not claiming to have found this particular feature, which has been reported many times before. The VNC server is part of Comodo GeekBuddy, a tech support tool which Ormandy accuses of "...a number of questionable and shady tactics to encourage users to pay for online tech support." The server allows for local privilege escalation...

Read more: Research shows antivirus products vulnerable to attack | ZDNet

 

[quinncy]

Read more: Research shows antivirus products vulnerable to attack | I ZDNet

I did use the Chromodo Browser and found it to be just like Google Chromes . After reading the article about the security Chromodo put out a new version and was informed that the security holes were fixed . Vista user have no choice but to leave Google Chrome as they will no longer support Vista .I did delete Chromodo and have gone to Fire Fox