PDF attacks are the biggest threat to PCs
Highest new entry in April’s Malware top 10 compromises private mail accounts
The spread of malicious code increased once again in April, and criminals seem to be focusing primarily on security flaws in PDF programs. These are the two main conclusions from G Data’s monthly malware report. In April, “JS:Pdfka-OE” is the absolute number one of the Malware top 10. The highest new entry of the month is “Win32:Rodecap [Trj]”, which is designed specifically to compromise online e-mail services, such as Yahoo, Hotmail and Google Mail.
“The exploitation of security flaws in computer programs is a successful way of infecting computers with malware. The bigger the circulation of an application, the more interest it attracts from malware writers wanting to exploit its flaws,” explains Ralf Benzmüller, head of G Data’s SecurityLab. “Another underestimated danger is the Autorun function. There is a range of malware that abuses this function. One example is Worm.Autorun.VHG, which uses Autorun to spread itself via USB stick or external HDDs. People who don’t explicitly require the Autorun function should shut it down, just to be on the safe side.”
PDF documents are usually regarded as harmless files, and PDF readers are consequently installed on most computers. However, the JavaScript function turns PDF into a potentially dangerous format: Acrobat JavaScript embedded in a PDF is either exploited and used to prepare attacks, or itself contains flaws that attackers then use to sneak in their own malicious code.
Whenever and wherever it is appropriate and possible to do so, JavaScript support in the reader should be switched off. Another important measure is to keep the reader up to date by installing new updates, so that it is protected against new malware attacks.
Methodology
The Malware Information Initiative (MII) focuses on the support of the online community, and every G Data security solution customer can participate in this initiative. The only requirement is that the function is activated within the G Data program. Data from each successfully defended malware attack is sent, completely anonymously, to the G Data SecurityLabs, where the information is gathered and statistically evaluated.
Press contact
E-mail: presse@gdata.de
Telephone: 0234 / 97 62 - 0
