Virus writers have begun to use code-morphing techniques to avoid detection by anti-virus software by altering the machine code of the virus program while maintaining its malicious functionality. Thus, the signature of the virus is changed and detection by anti-virus software is avoided.
In short, anti-virus software is not foolproof. On February 25, 2005, for example, a critical vulnerability was reported in the anti-virus engine used by Trend MicroÂ’s complete product line of client, server, and gateway security products. For that month alone, it was, in fact, the third report of flaws found in recognized security firmsÂ’ anti-virus software.
Although reported vulnerabilities in security products are more rare than they are in operating systems such as Windows, they do indeed exist. For example, the well-recognized Symantec company has had 108 reported vulnerabilities in its products (including Anti-Virus, Norton Utilities, Raptor Firewall, NetProwler, Anti-Spam, Web Security, Gateway, and others). Trend Micro has had 59 reported vulnerabilities in its products (including OfficeScan and VirusBuster), and F-Secure has had 12 reported vulnerabilities in its products (including Policy Manager, Backweb, and Anti-Virus).
Therefore, because anti-virus software products do have vulnerabilities, they tend to provide a false sense of security to purchasers who think they are 100% reliable. Though users buy firewalls to halt Â“bad traffic,Â” they can inadvertently install software that allows intruders into their system.