Anti-Virus Programs don't Protect against Recent Chinese Attacks on Google


According to recent research, anti-virus programs are not giving us full protection against hackers, such as the Chinese hackers who targeted Google recently. Take a look at this story from

"NSS Labs, Inc., the leading independent security testing organization, today announced the results of its evaluation of seven popular consumer endpoint security products in protecting the vulnerability exploited in the recent 'Operation Aurora' attack conducted against Google and at least 30 other organizations. This test—the first of its kind in the industry—was designed to identify which products truly shielded the underlying Microsoft Windows Internet Explorer vulnerability (CVE-2010-0249) against additional attack variants. Products that defended the vulnerability versus simply stopping a single variant or its malicious payload are considered to have a more effective security model.

In its Austin, Texas facility, NSS Labs created variants of the Operation Aurora attack and tested the anti-malware software to see which of the seven products stopped the exploits and malicious code payloads. Given the level of visibility of the attack and the time that has passed since its initial discovery, it was thought that most, if not all, of the products would cover the vulnerability. However, only one out of seven tested products correctly thwarted multiple exploits and payloads, demonstrating vulnerability-based protection (McAfee)."

Here are the products they tested:

-AVG Internet Security, version 9.0.733

-ESET Smart Security 4, version 4.0.474.0

-Kaspersky Internet Security 2010, version

-McAfee Internet Security 2010 with SecurityCenter, version 9.15.160

-Norton Internet Security 2010, version (Symantec)

-Sophos Endpoint Protection for Enterprise – Anti-Virus version 9.0.0

-Trend Micro Internet Security 2010, version 17.50.1366.0000

Looks like there is room for improvement.


comments powered by Disqus
Case Review

Step 1

Step 2

Step 3