Mar 16, 2009

Antivirus, antivirus, antivirus...

My last post was about a bug in an antivirus product, not big deal, all software has bugs.
I was kindly pointed to this article http://isc.sans.org/diary.html?storyid=6010 by Ryan Naraine, it's about an incident were one of my token kidnapping exploits was used, it's a weird feeling to know that some tool of yours was used in an attack but in the end it's not about the tools it's about the user, the intention, etc. anyways, what really surprized me was that no antivirus is detecting the exploits!!! we all know that antivirus suck but not being able to detect a very old exploit with signature analysis that really sucks.