Security researchers hunt for bugs in archive file formats

Written by James Delahunty @ 15 Apr 2010 9:34 User comments (2)

Security researchers have put attention on archive file formats such as RAR and ZIP files because of their potential security vulnerabilities. Up until recently many antivirus programs weren't capable of detecting malicious software in commonly used archival formats, but most antivirus vendors patched their products for better detection.

Tomislav Pericin, founder of RLPack, Mario Vuksan, an independent security researcher and Brian Karney, COO of Access Data, gave a presentation at the Black Hat security conference where they demonstrated how it is possible to tamper with popular archive formats to insert malicious code such as the Conficker worm.

Malware authors had been taking advantage of how packing malicious software in compressed archive files could trick security software, but antivirus companies stepped up efforts in detection of malware hidden in such files. However, the three researchers showed that it is still possible to evade gateway products that analyze file attachments.

"The problem is the AV vendors and the archive vendors have two different solutions. If they don't work in sync, the user can extract an archive on their PC, but the AV won't be able to, and that's a problem," Pericin said.

They found at least eight vulnerabilities in which security products failed to catch malicious files, and at least 30 other potential vulnerabilities.

Also demonstrated at the conference was how archive files can be used to embed secret content.

<Israel bans iPad from the country >Following Russian office raid, HP accused of bribery

2 user comments

116.4.2010 02:10

cart0181

Send private message to this user

Member

Related Articles:

Carpenters Use Wood to Build Things
Psychologists Study How Humans Think
Archeologists Find Dinosaur Hidden Beneath Layers of Rock

This message has been edited since its posting. Latest edit was made on 16 Apr 2010 @ 2:13

216.4.2010 06:24

KillerBug

Send private message to this user

AfterDawn Addict

Wait, they are attacking zip and rar? Why not just search for security holes in 3.5" floppy drives? No one would be dumb enough to use either of these formats to try to secure anything!

Comments have been disabled for this article.

	VLC hits milestone: over 5 billion downloads (16 Mar 2024 4:31) VLC Media Player, the versatile video-software powerhouse, has achieved a remarkable feat: it has been downloaded over 5 billion times. 1 user comment
	Sideloading apps to Android gets easier, as Google settles its lawsuit (19 Dec 2023 11:09) Google settled its lawsuit in September 2023, and one of the settlement terms was that the way applications are installed on Android from outside the Google Play Store must become simpler. In the future, installing APK files will be easier. 8 user comments
	Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets (06 Jun 2023 9:19) Roomba Combo j7+ is the very first Roomba model to combine robot vacuum with mopping features. And Roomba Combo j7+ does all that with a very clever trick, which tackles the problem with mopping and carpets. But is it any good? We found out.
	Neato, the robot vacuum company, ends its operations (02 May 2023 3:38) Neato Robotics has ceased its operations. American robot vacuum pioneer founded in 2005 has finally called it quits and company will cease its operations and sales. Only a skeleton crew will remain who will keep the servers running until 2028. 5 user comments
	How to Send Messages to Yourself on WhatsApp (20 Mar 2023 1:25) The world's most popular messaging platform, Meta-owned WhatsApp has enabled sending messages to yourself. While at first, this might seem like an odd feature, it can be very useful in a lot of situations. .... 18 user comments

	Guide: Is Your Wi-Fi Sluggish or Slow? Here's How to Fix Do you have problems with you Wi-Fi? Slow connection or is it cutting off constantly? This guide aims to remedy these problems. 1 user comment
	HOWTO: Install Netflix App on rooted Android device 'This app is no longer compatible with your device. Contact the developers for more info.' If you are getting this message from Google Play when trying to install Netflix, then maybe this little guide can help you.
	HOWTO: Boot Android device into Safe Mode Are you having trouble with your Android device? If you find that your device has become sluggish, is freezing, takes too long to boot or any of a host of other performance concerns, you may want to boot into Safe Mode.
	What happens if you don't update Android? Sometimes it can be tempting to avoid updating to a new Android version. What happens if you decide to delay major updates to the OS?
	GUIDE: Wi-Fi speeds are slow? Here are some tips Having problems with Wi-Fi speed and stability at home? Here are some tips to follow to alleviate the issues. 1 user comment

Security researchers hunt for bugs in archive file formats

2 user comments

Latest news

Reviews

Guides

News archive

Subscribe

Sections:

Follow us:

	Roomba Combo j7+ review - Clever trick allows robot vacuum finally to tackle home with rugs and carpets Roomba Combo j7+ is the very first Roomba model to combine robot vacuum with mopping features. And Roomba Combo j7+ does all that with a very clever trick, which tackles the problem with mopping and carpets. But is it any good? We found out.
	Review: Samsung Jet Bot 90 AI+ - a high-end robot vacuum cleaner Samsung's Jet Bot 90 AI+ is a top-class robot vacuum cleaner that can avoid obstacles and empty its own dust container. Here we review the product. 1 user comment
	Samsung Jet Bot 80+ review - excellent robot vacuum cleaner We review Samsung's Jet Bot 80+ robot vacuum cleaner over a period of three months. 1 user comment