Your browser is obsolete!

The page may not load correctly.

  • add to favourites
    Add to Bookmarks

Vulnerabilities and an anti-virus

Read: 611 Comments: 3 Rating: 8

Can an anti-virus protect a system from vulnerabilities? That's a weird question, but sometimes people ask it. An anti-virus scans files and processes generated by executed files, and vulnerability scanners are used to detect loopholes. Thus, the two different products are performing different tasks, but there’s more to it than that.

Vulnerabilities can roughly be divided into two categories. The first category includes loopholes, which are known to developers who release security patches to close them, and the second includes unknown software flaws for which no security updates exist. Vulnerability scanners only recognise loopholes belonging to the first category, and if you've installed all the updates available for your system, it is protected from exploits that abuse known vulnerabilities (if you are a software developer yourself or if your machine runs a web server, the situation can be different, but as far as popular applications go, you’re safe).

However, unknown vulnerabilities do exist in your system, and you should get used to that fact because nobody (including the scanners and anti-viruses) knows about them.

But does this mean that nothing can be done?

Not at all because vulnerabilities come in all shapes and sizes. For example, the loopholes exploited by WannaCry merely enabled the malware to upload a file onto a targeted machine and launch it. But if an anti-virus file monitor is running on that computer, it will check that file, and, if it appears suspicious, it will prevent it from being launched. This happened to WannaCry on machines that were protected with Dr.Web. A file monitor doesn't care about vulnerabilities. It does its job regardless of any known or unknown loopholes being present or absent in a system.

You can theoretically find an exploit that will not only deploy malware in a system but shut down the anti-virus as well. But in real life things like that happen very rarely, and home PC users aren't likely to experience anything of this kind.

The situation when an exploit injects malicious code into running processes is more common. But Dr.Web’s anti-rootkit and anti-exploit modules will protect your system from these threats too.

Dr.Web recommends

An anti-virus protects computers from various threats, including exploits which take advantage of unknown vulnerabilities.

Rate this issue and receive Dr.Weblings! (1 vote = 1 Dr.Webling)

Sign in and get 10 Dr.Weblings for sharing the link to this issue via social media.

[Twitter]

Unfortunately, due to Facebook's technical limitations, Dr.Weblings cannot be awarded. However, you can share this link with your friends for free.

Tell us what you think

Leave your comment on the day of publication and get 10 Dr.Weblings, or get 1 Dr.Webling for a comment posted any other day. Comments are published automatically and are reviewed by a moderator. Rules for leaving comments about Doctor Web news items.

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments