To do or not to do: anti-virus accessories presented at Virus Bulletin 2003

by Jong Purisima (Trend Micro),

Tags: Security


Summary : "To do or not to do: anti-virus accessoriesAs the evolution of the anti-virus product continues, there has been a radical
increase in the things that have been expected in regards to its functions.
These range from detection issues to additional tools.As an example, should spyware, adware, dialers and even Joke programs be detected? Should an
exploit be detected separately from the malware that uses it to breach a system? Should we
detect a hammer for the mere fact that it can be used to kill someone? Clearly a push and pull
dilemma since one person's garbage can be the gold of another.How about product patches? Should AV products provide patches to other products' known
vulnerabilities? Is there any problem with AV Vendor A providing a patch for Operating System
Developer B's security hole?How about newly added personal firewalls, anti-spam, parental control software, and all the
other additions that entice the package? Are they supposed to be provided by AV vendors?
Should they be part of the standard contemporary anti-malware solution?This paper will discuss and try to answer a few of these questions and possibly come up with
some alternatives to the problems that arise with these accessories which may be with us longer
than we think. "