Bug in Windows Kernel Could Prevent Security Software From Identifying Malware by Catalin Cimpanu.
From the post:
Malware developers can abuse a programming error in the Windows kernel to prevent security software from identifying if, and when, malicious modules have been loaded at runtime.
Continue with Cimpanu’s article for a good overview, or read “Windows’ PsSetLoadImageNotifyRoutine Callbacks: the Good, the Bad and the Unclear (Part 1)”.
Symantec says proactive security includes:
- Inventory of Authorized and Unauthorized Devices
- Inventory of Authorized and Unauthorized Software
- Secure Configurations for Hardware & Software
- Constant Vulnerability Assessment and Remediation
- Malware Defense
But since Windows is closed source software, you can’t remedy the vulnerability. Whatever your cyberdefenses, closed source MS Windows leaves you vulnerable.
Eternal (possibly) vulnerability – the cost of closed source software.
It’s hard to think of a better argument for open source software.
Open source software need not be free, just open source so you can fix it if broken.
PS: Open source enables detection of government malware.