Advice Request Antiviruses that use hypervisor, worth it?

Please provide comments and solutions that are helpful to the author of this topic.

Do you agree with the author that antivirus shouldn't mess with the system that way?

  • Yes. They shouldn't need to do that

    Votes: 5 41.7%
  • No. It's necessary to protect users

    Votes: 7 58.3%

  • Total voters
    12

Azure

Level 28
Thread author
Verified
Top Poster
Content Creator
Oct 23, 2014
1,712
Here's a few quotes from the article:

"There is a problem where some anti-virus vendors are using techniques to bypass Kernel Patch Protection by injecting a hypervisor which they use to intercept syscalls and make assumptions about memory locations — memory locations which are now changing with the Meltdown fixes."

"Please stop using goofy, undocumented and hacky ways to predict memory locations and mess with syscalls. There’s 5 key vendors doing this (and lots of OEM vendors licensing engines): please tidy up the code.
Source: Important information about Microsoft Meltdown CPU security fixes, antivirus vendors and you

What is your opinion on this?
 

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
What is your opinion on this?
That the author should focus his energy on the culprit.

aNHJUhUA_o.gif
 
5

509322

That the author should focus his energy on the culprit.

aNHJUhUA_o.gif

And what does everyone propose - a new replacement system for everybody ?

Nice thought, but it ain't gonna happen. Ever. The end result of that is Intel out-of-business.

No government is going to force Intel into that solution.

Now, the post-problem solution involves everyone, and the usual actors - Microsoft, the OEMs, and the choice AV actors in the article, are hacking it.
 
  • Like
Reactions: Electr0n

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top