Abstract In 2009 we examined the effects of manipulating synchronization objects in security software suites frequently found on personal computers running Windows XP and Vista. The synchronization objects were mutexes and events, and the security software included products from AVG, Avast, Avira, BitDefender, BullGuard, CheckPoint, Eset, F-Prot, F-Secure, Kaspersky, McAfee, Microsoft (Security Essentials), Norman, Norton, Panda, PC Tools, Quick Heal, Symantec, and Trend Micro. The examinations revealed that nearly all suites suffered non-trivial faults originating from both standard and administrator accounts. The faults ranged from simple denial of service affecting the UI console and definition update service to scanner crashes and surreptitious suite shutdown. http://www.softwareintegrity.com/documents/Old-Dogs-and-New-Tricks.pdf
