Security Software As A Liability
Filed in archive Security by Eileen Peck on December 03, 2007

Anti-virus programs can be affected by bugs, just like any other software. Running more anti-virus engines on a network increases the likelihood that a vulnerability in one of them will surface when you least want it to. Analysts at n.runs AG have been examining anti-virus engines for the past two years and have found at least 80 bugs in various parsers, most of which have never been patched. The parser takes apart data packets, so a bug in the parser can have serious consequences if an attacker is able to exploit it.
Compounding the problem, most anti-virus packages run with higher administrative privileges than most other software does. According to n.runs, between 2002 and 2005 nearly half of the parser vulnerabilities discovered in anti-virus packages were remotely exploitable. The percentage of remotely exploitable bugs has since increased to about eighty percent.
Other industry analysts believe that security software is less vulnerable not because it isn't flawed, but because the targets are too high-profile, and vulnerabilities would quickly be closed if they were exploited. Criminals are also enjoying easier success with the methods they use now, such as phishing scams.















