If you happen to use antivirus software created by Kaspersky Lab, you have probably seen the Trojan.JS.Redirector.ar virus warring quite a lot of times today. It turns out that a flaw in several of the companys software products caused the unnecessary panic by recognizing all Google ads websites as infected. ZoneAlarm as well as F-Secure antivirus software products have also been affected by this problem.
Luckily the Kaspersky Lab have already stepped in and calmed everybody down by releasing an official statement. It confirms that Google arent spreading some sort of a virus through their sites, only their erroneous software products thought so. So, the message from above is nothing but a false alarm.
Im glad that the guys at Kaspersky reacted so quickly with the statement and I hope that the problem will be gone quite soon. Normally, antivirus software should make us feel safe while surfing and not spread panic, right?
Read on http://support.kaspersky.com/kis2010/error?qid=208281219
-
-
I use kaspersky and didn't notice a thing...
-
So 3 products claim malware - but its officially a false positive?
Why would I think it more likely Google's server got infected... -
-
Erm, it is more likely they(AV) screwed up.
If they share virus definition files they are likely to end up with the same conclusion. It is not the first time screw up like this occurs.
AVG even attempted to remove Windows System files.
This is also why I feel many AV solution is overrated just a decent free one will do.
And basically since MSE is created by MS the chances MSE self kill Windows is lower hence better.
Even if it did self kill (and made Microsoft a laughing stock) at least you didn't pay any money for it.
Google server runs Linux probability of infection is very very low. -
Who knows, maybe multiple anti-malware software use a similar approach to identify JS malware...
-
-
But then again Microsoft products/windows appear to have plenty/regular security vulnerabilities that let malware in. I would not be surprised if Microsoft anti-virus software missed half of the malware.
-
Vulnerabilities are created because of bad programming practice and bugs in code(can be inherently low level as well).
While Antivirus detects malware by code pattern.
It is Apple and Orange.
Even UNIX has its own vulnerabilities except it is not published as widely.
In Linux it is promptly fixed due to wide community support and code analysis.
You can have a sample how good is MSE(free) by using it no need to debate over something you can put to test.
Personally I don't need a Super Anti-Virus that can track down every malware just most will do.
I just need something that is
1)Cheap (Free)
2)Doesn't eat up a lot of CPU cycles
3)Doesn't turn rogue and kill my Windows OS after some virus definition file update (Any AV that does that automatically earns a EPIC FAILURE tag it is like the Police turn rogue) -
As for Kaspersky, it would be interesting to know if it was a false positive or google being compromised? Would google admit a compromise in their website? -
And Kaspersky admits they sucked.
Bad Program can be usage of vulnerable function calls, or simply a low level IA-32 bug or bug in C++ function libraries.
It is not something that you can easily detect.
You have to understand that IA-32 is not perfect neither is C++.
What is important that bugs are detected and fixed regularly. -
-
-
-
-
Write a virus dedicated to Apache etc. based webservers, and have them carry a Windows Virus as payload that is then served to Windows etc. PCs.
Once you have a virus in an OS it can reasonably easy dish out any payload.
Now the question is:
How secure is Google's server. -
-
It is not as easy as it sounds because Windows do have certain level of protection against code exploits.
I can names some: Address Space Randomisation, NX and some more.
Especially those that request elevated permission.
Most of the time Windows malware run because the user was tricked onto making it run.
The amount of code you do will make asking the client to run a downloadable executable much easier.
What I was thinking you were saying is a malware that propagate through both Windows and UNIX. -
Kaspersky Lab false positive: Google ads spread no Trojan.JS.Redirector.ar virus
Discussion in 'Security and Anti-Virus Software' started by BlackRussian, Jan 25, 2010.