In general, we use and trust security programs like antivirus and antispyware applications from all sorts of vendors to keep our computers safe, but could those very programs be opening us up to more holes? That’s what security firm n.runs AG has been testing for the last several years, and it is the subject of a recent PC World article. It turns out that file parser bugs in many of the mainstream scanning engines are exposing users to additional risks. The problem is compounded by the fact that many users run multiple scanning programs in tandem, under the reasoning that if one engine doesn’t catch something, another will.
That thinking, based on real-life experience, provides additional protection against infections from outside sources, unless the engines used all have different parser holes. Running multiple programs may actually be more hazardous, due to the fact that there are more flaws exposed.
N.runs is developing a program to help secure other security engines, named ParsingSafe (a codename), that will help protect antivirus software against the sorts of parsing attacks the firm has seen. The website slates market introduction as fourth-quarter 2007, which is now, so I’m expecting to see more news popping up about it. Perhaps I should be glad this school computer of mine runs only one AV engine after all.