Virus Bulletin - October 2011

Editor: Helen Martin

Technical Consultant: John Hawes

Technical Editor: Morton Swimmer

Consulting Editors: Ian Whalley, Nick FitzGerald, Richard Ford, Edward Wilding

2011-10-01

Abstract

Why there's no one test to rule them all (comment); A new BIOS rootkit spreads in China (malware analysis); Hard disk woes (malware analysis); Asynchronous Harakiri++ (malware analysis); Okay, so you are a Win32 emulator... (technical feature);


Comment

Why there’s no one test to rule them all

‘Because every product has strengths and weaknesses, having a variety of different tests is essential.’ Lysa Myers, West Coast Labs

Lysa Myers - West Coast Labs, USA


News

Figures show importance of patching

Study finds that 99.8% of malware infections caused by commercial exploit kits could be avoided if just six software packages are kept up to date.

Helen Martin - Virus Bulletin, UK


Drop in vulnerability disclosures

IBM reports decrease in vulnerability disclosures and drop in web application vulnerabilities, but flaws affecting mobile devices are on the rise.

Helen Martin - Virus Bulletin, UK


Malware prevalence report

August 2011

The Virus Bulletin prevalence table is compiled monthly from virus reports received by Virus Bulletin; both directly, and from other companies who pass on their statistics.



Malware analyses

A new BIOS rootkit spreads in China

The BIOS rootkit is the most complex type of rootkit researchers have come across so far. It is hardware dependent, and an attacker must have extensive knowledge of the computer – including software and hardware – in order to create one. Until now this type of rootkit has remained in the realm of academic research – but recently things have changed. Zhitao Zhou details TrojanDropper:Win32/Wador.A.

Zhitao Zhou - Microsoft, China


Hard disk woes

It is uncommon these days to find malware whose sole purpose is to cause damage, but W32.VRBAT does just that (and only that) - using ATA disk security to render hard disks useless. Jorge Lodos and his colleagues have the details.

Jorge Lodos - Segurmatica, Cuba, Jesús Villabrille - Segurmatica, Cuba & Edgar Guadis - Segurmatica, Cuba


Asynchronous Harakiri++

The generic retro-malware features of ZeroAccess, combined with its advanced rootkit features, make it one of the most difficult rootkits to deal with, while newer variants of the malware also support 64-bit Windows systems. Peter Ször and Rachit Mathur take a detailed look at the rootkit.

Peter Ször - McAfee, USA & Rachit Mathur - McAfee, USA


Technical feature

Okay, so you are a Win32 emulator…

There has already been extensive research into the plethora of tricks used by contemporary malware and executable protectors with the purpose of breaking debuggers and emulators. Unfortunately malware authors are aware of such research efforts and the countermeasures introduced by engine developers. They are also pretty much aware of the capabilities of AV emulators, and are ready and prepared to deploy tricks to overcome them. Gabor Szappanos looks at a small cross-section of the threat landscape.

Gabor Szappanos - VirusBuster, Hungary


Comparative review

VB100 Comparative review on Windows 2003 Server R2

This month's test proved another epic - not in terms of the number of products entered but rather in the time taken to get through them all. John Hawes reveals the details of the troublesome few and the better-behaved majority.

John Hawes - Virus Bulletin


Calendar

Anti-malware industry events

Must-attend events in the anti-malware industry - dates, locations and further details.


