Security researchers have developed an attack technique they say can
circumvent dozens of anti-virus products used to protect Windows desktops,
including McAfee, Sophos and Symantec’s Norton anti-virus.

Researchers at call the technique an “argument-switch” attack.
Many security vendors alter the kernel part of system call mechanism
implementation by modifying contents of the System Service Descriptor Table (SSDT),
a process called SSDT hooking. Essentially, the attack switches out safe code
given the green light by security software for malicious code. If the timing is
perfect, the malicious code can sneak by without triggering anti-virus alerts.

Оставить мнение

Check Also

Новые проблемы с обновлениями Windows 10: теперь перестает работать аудио

В последнее время обновления для Windows все чаще вызывают у пользователей проблемы. Так, …