Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Anti-virus Products Mostly Ignore Windows Security Features

03 Aug 2010   #1

Win 7 Ultimate 64-bit. SP1.
Anti-virus Products Mostly Ignore Windows Security Features


I recently highlighted a study which showed that most of the top software applications failed to take advantage of two major lines of defense built into Microsoft Windows that can help block attacks from hackers and viruses. As it turns out, a majority of anti-virus and security products made for Windows users also forgo these useful security protections.

As I wrote last month:
Attackers usually craft software exploits so that they write data or programs to very specific, static sections in the operating system’s memory. To counter this, Microsoft introduced with Windows Vista (and Windows 7) a feature called address space layout randomization or ASLR, which constantly moves these memory points to different positions. Another defensive feature called data execution prevention (DEP) — first introduced with Windows XP Service Pack 2 back in 2004 — attempts to make it so that even if an attacker succeeds in guessing the location of the memory point they’re seeking, the code placed there will not execute or run.
These protections are available to any applications built to run on top of the operating system, and they’re designed to make it difficult for attackers to develop reliable exploits for vulnerabilities in Windows applications. As we saw last month, few top apps invoke the protections, but many readers may be surprised to learn that few anti-virus products have adopted these technologies.

I installed the trial versions of a dozen top anti-virus and security suites on a virtual machine running Windows Vista, and then checked each product’s executable files using Microsoft’s excellent Process Explorer tool, which provides a mass of information about processes running on your Windows system, including whether or not those processes invoke DEP and/or ASLR.

Among the anti-virus products that used neither ASLR nor DEP were AVAST Home Edition, AVG Internet Security 9.0, BitDefender Internet Security 2010, ESET Smart Security, F-Secure Internet Security, Norton Internet Security 2010, Panda Internet Security 2010 and Trend Micro Internet Security 2010.

Microsoft Security Essentials was the only product that used both ASLR and DEP consistently on Windows Vista (although interestingly it does not invoke DEP on Windows XP). Other anti-virus suites I tested used either ASLR or DEP (or both), but only in some applications that make up the suite. For example, McAfee Internet Security’s “mcagent.exe” program runs both ASLR and DEP, while four other executable processes spawned by the program ran DEP but not ASLR (since these tests were run, McAfee has changed the trial version of MIS available on its site, and the company sent me a screen shot that shows DEP and ASLR on all running processes in that version).

More -
Anti-virus Products Mostly Ignore Windows Security Features — Krebs on Security

My System SpecsSystem Spec

 Anti-virus Products Mostly Ignore Windows Security Features

Thread Tools

Similar help and support threads
Thread Forum
Anti Virus Pro Security issue
Hello, I've been passed an acer laptop on with the Anti Virus Pro Security ransom ware on. i have removed these before using safe mode but this one seems to be a little more inventive. when i log in in safe mode it boots me back out and restarts the laptop up in standard mode. same with...
System Security
Avast anti-virus or Microsoft Security Essentials?
Hello, I use Windows 7 64-bit Home Premium. For the last year or so, I've used Avast Anti-virus and Malwarebytes. However, today I had a nasty case of the Metropolitan Police virus and now am considering using Security Essentials instead. Should I uninstall Avast, or does anybody have any...
System Security
Best anti virus or internet security for windows 7?
i use to use kaspersky internet security with vista, anybody know the best one for windows 7?
System Security
Microsoft Security Essentials – new anti-virus software
More at: Genuine Windows Blog - The Windows Blog

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 00:51.
Twitter Facebook Google+