

Project Zero: Analysis and Exploitation of an ESET Vulnerability - taviso
http://googleprojectzero.blogspot.com/2015/06/analysis-and-exploitation-of-eset.html

======
wouterdutoit
Not that it matters in this instance, but AV companies forcing you to turn off
other security mechanisms (i.e. SELinux) should really raise more red flags.

~~~
gruez
I don't see a better solution. Antiviruses are required to be invasive for
behavior-based detection. The alternative would be to have a
modified/patched kernel or forgo behavioral analysis completely.

------
mappu
I'm a little nervous about the disclosure timeframes here. This post with
exploit code was released only ~24 hours after the patch. Would it have been
impossible to allow a slightly longer window for long-tail users to update?

------
noondip
> _On MacOS ... ESET opt-out of DEP by not setting the MH_NO_HEAP_EXECUTION
> flag in their Mach header_

Doesn't Xcode by default mark heap as non-executable?

~~~
nullymcnull
Yes, by setting the MH_NO_HEAP_EXECUTION flag in the Mach header.

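As an added, defender-side illustration of the flag discussed in this exchange (example code, not from the linked Project Zero post or from ESET), here is a small Python parser that reads a thin Mach-O header and reports whether MH_NO_HEAP_EXECUTION is set. The constant values are the ones from Apple's <mach-o/loader.h>; the sample headers it inspects are constructed inline for the demonstration and are not real binaries.

```python
import struct

# Constants from Apple's <mach-o/loader.h>.
MH_MAGIC = 0xFEEDFACE       # 32-bit image, stored in reader's byte order
MH_CIGAM = 0xCEFAEDFE       # 32-bit image, byte-swapped on disk
MH_MAGIC_64 = 0xFEEDFACF    # 64-bit image
MH_CIGAM_64 = 0xCFFAEDFE    # 64-bit image, byte-swapped on disk
MH_PIE = 0x00200000                    # position-independent executable
MH_ALLOW_STACK_EXECUTION = 0x00020000  # image asks for an executable stack
MH_NO_HEAP_EXECUTION = 0x01000000      # image asks for a non-executable heap

HEADER_FIELDS = ("magic", "cputype", "cpusubtype", "filetype",
                 "ncmds", "sizeofcmds", "flags")


def parse_mach_header(data: bytes) -> dict:
    """Decode the fields shared by mach_header and mach_header_64 at offset 0.

    Fat (universal) files start with FAT_MAGIC rather than MH_MAGIC and are
    rejected here; a caller would slice out one architecture first.
    """
    if len(data) < 28:
        raise ValueError("too short for a Mach-O header")
    magic = struct.unpack_from("<I", data, 0)[0]
    if magic in (MH_MAGIC, MH_MAGIC_64):
        endian = "<"
    elif magic in (MH_CIGAM, MH_CIGAM_64):
        endian = ">"  # stored big-endian: read every field swapped
        magic = struct.unpack_from(">I", data, 0)[0]
    else:
        raise ValueError("not a thin Mach-O file (magic 0x%08x)" % magic)
    fields = struct.unpack_from(endian + "7I", data, 0)
    header = dict(zip(HEADER_FIELDS, fields))
    header["is64"] = magic in (MH_MAGIC_64, MH_CIGAM_64)
    return header


def describe_flags(flags: int) -> list:
    """Name the hardening-related flag bits present in a header."""
    names = []
    if flags & MH_PIE:
        names.append("MH_PIE")
    if flags & MH_NO_HEAP_EXECUTION:
        names.append("MH_NO_HEAP_EXECUTION")
    if flags & MH_ALLOW_STACK_EXECUTION:
        names.append("MH_ALLOW_STACK_EXECUTION")
    return names


def opts_out_of_nx_heap(data: bytes) -> bool:
    """True when the image does NOT request a non-executable heap."""
    return not (parse_mach_header(data)["flags"] & MH_NO_HEAP_EXECUTION)


def make_header(flags: int, is64: bool = True, big_endian: bool = False) -> bytes:
    """Build a constructed (not real) Mach-O header for testing the parser."""
    endian = ">" if big_endian else "<"
    magic = MH_MAGIC_64 if is64 else MH_MAGIC
    # cputype 7 = CPU_TYPE_X86, 0x01000007 = CPU_TYPE_X86_64; filetype 2 = MH_EXECUTE
    cputype = 0x01000007 if is64 else 7
    hdr = struct.pack(endian + "7I", magic, cputype, 3, 2, 0, 0, flags)
    if is64:
        hdr += struct.pack(endian + "I", 0)  # mach_header_64 'reserved' field
    return hdr


if __name__ == "__main__":
    samples = (("hardened", make_header(MH_PIE | MH_NO_HEAP_EXECUTION)),
               ("opt-out", make_header(MH_PIE, is64=False)))
    for label, blob in samples:
        h = parse_mach_header(blob)
        print(label, "64-bit" if h["is64"] else "32-bit",
              describe_flags(h["flags"]),
              "opts out of NX heap:", opts_out_of_nx_heap(blob))
```

Per loader.h, the flag only matters for MH_EXECUTE images on platforms such as i386 that do not enforce a non-executable heap by default, which is why a 32-bit executable missing it is the case worth flagging in an audit; to check a real file, pass the first 32 bytes of it to `parse_mach_header`.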
------
ape4
ESET is still the best antivirus in my opinion. Doesn't drag down the
machine's performance. Few negatives. The most real positives. - just a
customer.

~~~
tptacek
Few negatives. The most real positives. Is, in a meaningful sense, itself a
kind of dangerous malware. Verdict: best A/V product.

~~~
aiiane
"This Satan guy is still the best babysitter in my opinion. Doesn't cost a
fortune, always has the kids in bed when we get home, and they love him. Only
requires us to sacrifice one of them on an altar to him when they reach middle
school."

