BuyLow.com Computers And Internet - Internet Security, Computers, Mobile Devices, Networks

BuyLow.com | Resources | Contact Us


 

Coordinating Virus and Spyware Defense

by CERT

Using anti-virus and anti-spyware software is an important part of cyber security. But in an attempt to protect yourself, you may unintentionally cause problems.

Isn’t it better to have more protection?

Spyware and viruses can interfere with your computer’s ability to process information or can modify or destroy data. You may feel that the more anti-virus and anti-spyware programs you install on your computer, the safer you will be. It is true that not all programs are equally effective, and they will not all detect the same malicious code. However, by installing multiple programs in an attempt to catch everything, you may introduce problems.
How can anti-virus or anti-spyware software cause problems?

It is important to use anti-virus and anti-spyware software (see Understanding Anti-Virus Software and Recognizing and Avoiding Spyware for more information). But too much or the wrong kind can affect the performance of your computer and the effectiveness of the software itself.

Scanning your computer for viruses and spyware uses some of the available memory on your computer. If you have multiple programs trying to scan at the same time, you may limit the amount of resources left to perform your tasks. Essentially, you have created a denial of service against yourself (see Understanding Denial-of-Service Attacks for more information). It is also possible that in the process of scanning for viruses and spyware, anti-virus or anti-spyware software may misinterpret the virus definitions of other programs. Instead of recognizing them as definitions, the software may interpret the definitions as actual malicious code. Not only could this result in false positives for the presence of viruses or spyware, but the anti-virus or anti-spyware software may actually quarantine or delete the other software.
How can you avoid these problems?

* Investigate your options in advance – Research available anti-virus and anti-spyware software to determine the best choice for you. Consider the amount of malicious code the software recognizes, and try to find out how frequently the virus definitions are updated. Also check for known compatibility issues with other software you may be running on your computer.

* Limit the number of programs you install – Many vendors are now releasing packages that incorporate both anti-virus and anti-spyware capabilities together. However, if you decide to choose separate programs, you really only need one anti-virus program and one anti-spyware program. If you install more, you increase your risk for problems.

* Install the software in phases – Install the anti-virus software first and test it for a few days before installing anti-spyware software. If problems develop, you have a better chance at isolating the source and then determining if it is an issue with the software itself or with compatibility.

* Watch for problems – If your computer starts processing requests more slowly, you are seeing error messages when updating your virus definitions, your software does not seem to be recognizing malicious code, or other issues develop that cannot be easily explained, check your anti-virus and anti-spyware software.

4 Responses to “Coordinating Virus and Spyware Defense”

RSS BugTraq

  • [SECURITY] [DSA 2100-1] New openssl packages fix double free
    Posted by Moritz Muehlenhoff on Aug 30------------------------------------------------------------------------ Debian Security Advisory DSA-2100-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff August 30, 2010 http://www.debian.org/security/faq ------------------------------------------------------------------------ Package : opens […]
  • Re: [Full-disclosure] QtWeb Browser version 3.3 build 043 Insecure DLL Hijacking Vulnerability (wintab32.dll)
    Posted by security curmudgeon on Aug 30: 1. OVERVIEW : : The QtWeb Browser application is vulnerable to Insecure DLL Hijacking : Vulnerability. Similar terms that describe this vulnerability have been : come up with Remote Binary Planting, and Insecure DLL : Loading/Injection/Hijacking/Preloading. : 3. VULNERABILITY DESCRIPTION : : The QtWeb Browser applicat […]
  • [ MDVSA-2010:165 ] libHX
    Posted by security on Aug 30 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:165 http://www.mandriva.com/security/ _______________________________________________________________________ Package : libHX Date : August 30, 2010 Affected: 2009.0, 2009.1, 2010.0, 2010.1 _________________________ […]
  • {Lostmon - Groups} Safari for windows Invalid SGV text style Webkit.dll DoS
    Posted by Lostmon lords on Aug 30################################################### Safari for windows Invalid SGV text style Webkit.dll DoS Vendor URL:www.apple.com Advisore:http://lostmon.blogspot.com/2010/08/safari-for-windows-invalid-sgv-text.html Vendor notify :Yes exploit available :YES ################################################### Safari browse […]
  • R7-0036: FCKEditor.NET File Upload Code Execution
    Posted by HD Moore on Aug 30R7-0036: FCKEditor.NET File Upload Code Execution August 30, 2010 -- Vulnerability Details: FCKEditor contains a file renaming bug that allows remote code execution. Specifically, it is possible to upload ASP code via the ASP.NET connector¬† in FCKEditor. The vulnerability requires that the remote server be running IIS. This vulne […]