Are any AV vendors marketing themselves as more secure than the competition, with technically founded evidence? Such as memory-safe PLs, VM or OS sandboxes, running 3rd party native code in an emulator, bug bounties, etc.
Though probably their customers are mainly corporate "intranet" environments where users open random content with Acrobat, Office etc. and the high bit is to just halve (1) the daily mass malware infections - which are not AV-focused yet.
(1) or whatever the average AV detection rate is these days.
Wow, this is a neat exploit. It breaks ASLR with a static payload, only employing some decompression tricks to combine randomized addresses with fixed ROP targets. I like the technique and I think it could be more generally applied to file exploits.
I've been using computers my entire life but this read like it was in Greek to me. Very impressive that people out there actually understand all that stuff. I'm not sure where to begin learning about that.
The way the author uses the RAR decoder engine itself to mutate parts of an existing (randomized) function pointer, defeating ASLR, is pretty damn neat.