Hot on HuffPost Tech:

See More Stories
Free Switched iPhone app - try it now!
AOL Tech

Microsoft confirms Security Essentials, Forefront not affected by Matousec exploit

When it first hit the blogosphere, Matousec's announcement about a failing in the way most Windows antivirus software operates sounded like a huge threat. "100% of the applications tested were compromised!" they reported. And yes, oh crap, that makes things sound pretty serious.

Especially when you report this news on a post entitled "KHOBE: 8.0 earthquake for Windows desktop security software."

There's something that was a bit understated, however. A number of security researchers who don't work at Matousec -- like Sophos' Graham Cluely and Microsoft's Feliciano Intini have pointed out that this exploit only works if an attacker has already gained the ability to execute arbitrary code. Need some clarification on that?

It means the Matousec exploit allows attackers to do something they were already able to do anyway.

When I wrote about the report last week, I was curious why none of Microsoft's software was on the list. As it turns out, they may have been convenient omissions. Microsoft researchers have confirmed that neither of their current antivirus apps -- Forefront and Microsoft Security Essentials -- are vulnerable to the Matousec exploit.

Tags: antivirus, exploit, forefront, malware, matousec, microsoft, mse, report, security, security essentials, SecurityEssentials

Comments

5