How antivirus companies have responded to the WMF exploit



December 31st, 2005

An article in eWeek has posted results from [tag]AV-Test[/tag] looking at how antivirus companies have responded to the [tag]WMF[/tag] threat. 

So far there have been 73 analyzed variants and products from the following companies identify all 73 (if you have the latest updates downloaded and installed!):

  • Alwil Software (Avast)
  • ClamAV
  • ESET (Nod32)
  • Fortinet Inc.
  • F-Secure Inc.
  • McAfee Inc.
  • Panda Software
  • Softwin (BitDefender)
  • Sophos Plc
  • Symantec Corp.
  • Trend Micro Inc.
  • VirusBuster

Some of the others haven't faired so well:

  • 62 - eTrust-VET
  • 62 - QuickHeal
  • 61 - AntiVir
  • 61 - Dr Web
  • 61 - Kaspersky
  • 60 - AVG
  • 19 - Command
  • 19 - F-Prot
  • 11 - Ewido
  • 7 - eSafe
  • 7 - eTrust-INO
  • 6 - Ikarus
  • 6 - VBA32
  • 0 - Norman

I'm surprised at Kaspersky not detecting all of the variants as they are usually quite prompt.  However, what we also see is that antivirus products that use heuristic detection (looking for malware-like behavior rather than just detecting specific threats).

I predict that 2006 will be a busy and challenging year for antivirus and security companies.

This entry was posted on Saturday, December 31st, 2005 at 16:22 and is filed under In the News, Stay Secure. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.