A just-published attack tactic that bypasses the security protections of most
current antivirus software is a "very serious" problem, an executive at one
unaffected company said.
Last week, researchers at Matousec.com outlined how attackers could exploit
the kernel driver hooks that most security software use to reroute Windows
system calls through their software to check for potential malicious code before
it’s able to execute.
Calling the technique an "argument-switch attack," a Matousec-written paper
spelled out in relatively specific terms how an attacker could swap out benign
code for malicious code between the moments when the security software issues a
green light and the code actually executes.