360 Odd Tiger Prosecution Rising: A Vulnerability Triggered Lawsuits

Anti-virus industry saliva war broke out again. Tiger Rising, and odd characters is 360?? Domestic two quite reputable security company, antivirus software because of accusations of possession of the “back door” and to wrangle together.

1 23, Poland exposure RISING Antivirus security agencies, there are two vulnerabilities that hackers use loopholes Rising obtain control of the system. 360 developed this emergency temporary patch for Rising users to download and install.

However, the situation was followed by a mutation. February 2, Rising claimed that 360 security guards did not follow the normal operating system security mechanisms, the direct bypass the system security checks, it has a “back door” function, there is a huge security risk. They believe that “hackers can use the back door to the system registry and user information (files) for any operation.”

This, the odd tiger 360 Xiang-Dong Qi, president openly said that Rising in the past two years has been vilified and maliciously suppressed the 360 free. 360 recent public defamation, “a back door”, is intended to cause panic 360 users to transfer 4.2 million yuan bribe the public on the Rising Police Commissioner manufacturing false, frame-up cases of rival micro-point line of sight.

For the company blamed Rising, odd tiger 360 in rebuttal at the same time, is a piece of paper Zhuangzhi the Rising court.

Two companies have developed anti-virus software not installed in the end “back door”? Saliva in the battle, who mislead the public?

Disaster vulnerability from 1 23, the Polish security organizations NTInternals posted on its Web site a notice, saying the organization a year ago found that there are two holes Rising Antivirus, Rising and secretly communicated to the company, but the company still Rising only “part of the fix” the first vulnerability, the second flaw is “not repair.” So, NTInternals Rising procedures in accordance with Bank rules loophole exposed to warning.

Polish security organization on January 23 exposed RISING Antivirus existence of two “local to mention the right to” 0day vulnerabilities and Poland called themselves back in September 2008 and April 2009 respectively, will report to the the Rising. 5 days later, news reached China. Rising company issued a statement saying the two holes in May 2009 have been completely repaired. Rising quickly to say

Nanjing University Department of Computer Software Group exposed. The latter found that the two vulnerabilities still exist. Rising only issued a statement, renamed “Internet users will not affected by this vulnerability.”

This, Nanjing University, Department of Computer Software Group, said: “there is such a serious security software security vulnerabilities are rare. Rising of the second vulnerability has not repaired, the system can allow a hacker to obtain the highest authority, so that the user’s computer as well as government agencies and complete loss of business defense capabilities within the network. “

Nanjing Qihoo 360 to say the experiment with the same result: Rising vulnerability has not been repaired, but using these two vulnerabilities exploit code has begun to spread a large area, is likely to be used to attack the 360 and so on other security software. 360 emergency developed for this temporary patch for Rising users to download and install.

For Rising company said “local mention power” loophole has no effect on the user’s statement, 360 security experts Dr. Shi Xiaohong told ” IT Time “:” ‘Local mentioning right’ is the security industry a huge loophole against common sense. Any software vulnerabilities are possible, but to a huge loophole that paired against users ‘no impact’, is not a qualified security company should have practices. “

It is understood that the local industry to raise the general level of security loopholes in the definition of power as “high risk” if anyone discovered the power of Microsoft’s local mention of loopholes in the circle of foreign hackers black market prices of private transactions can reach several million dollars a . The Rising of the vulnerabilities are flaws in the most damaging to mention the right of the “core mention power” loophole, the scariest aspect is the vulnerability is triggered if the attacker can manipulate the system can manipulate all the resources to do whatever we want to do, No security measures can prevent.

Appears in some of the industry is the move, let that be the odd tiger Rising 360 attacks and quickly respond. February 2, Rising disclosure, there are 360 security guards, “local mentioning right” loopholes, and affect all version of the 360 security guards. Rising also alleged that the flaw was in November 2009 after the burst, up to 3 months at the time, 360 odd tiger did not make any reaction. Rising said that Polish security organizations NTInternals also confirmed the existence of this vulnerability 360.

The loophole exposed face of Rising, 360 area, said before receiving a secret security organizations NTInternals notification, immediately launched an emergency “loophole response repair mechanism”, has developed a patch, the upgrade is complete you can fix vulnerabilities. And found that the vulnerability NTInternals public thanks.

Since then, the two companies beginning of the war.

Refute and counter refute War of words with both the upgrade, a farce to refute and counter-refuted more and more intense.

As 360 attacks, the first Rising fire, claiming 360 to the user computer to install the “back door” to read any file the user privacy. Moreover, the 360 not only does not recognize their own problems, but by removing the network news, personal blog, post and other means to trick users gunmen to cover up the truth and confuse the public. Finally, to prove it’s true, Rising has announced 360 “back door” part of the technical details and use the code, but use the code and was then removed from the official website.

Rising correspondents was told, to the user computer manufacturers to install “back door”, in violation of the principles of any security software development, are serious “hack” behavior. And installed “back door” of the 360 software, in fact, has become a “hacking software”, has violated China’s criminal law.