Security researchers have developed an attack technique they say can
circumvent dozens of anti-virus products used to protect Windows desktops,
including McAfee, Sophos and Symantec’s Norton anti-virus.

Researchers at call the technique an “argument-switch” attack.
Many security vendors alter the kernel part of system call mechanism
implementation by modifying contents of the System Service Descriptor Table (SSDT),
a process called SSDT hooking. Essentially, the attack switches out safe code
given the green light by security software for malicious code. If the timing is
perfect, the malicious code can sneak by without triggering anti-virus alerts.

  • Подпишись на наc в Telegram!

    Только важные новости и лучшие статьи


  • Подписаться
    Уведомить о
    0 комментариев
    Межтекстовые Отзывы
    Посмотреть все комментарии