McAfee, Norton, Trend Micro … BEHOLD KHOBE ATTACK!
May 6th, 2010
No comments
Few days ago, it was discovered that all desktop AntiVirus products are vulnerable to a technique that Malware can use to bypass SSDT (System Service Dispatch Table) Hooking on Windows Kernel Mode Drivers, which are used by all current Antivirus Vendors.
The KHOBE Attack (Kernel HOok Bypassing Engine) has been proven effective and demonstrated against virtualy every AntiVirus product in the market today!
UPDATE (2010/05/08): Trend Micro acknowledged the issue with no time-frame for a future solution, referring it’s customers to the “Trend Micro Threat Management Services” product.
