Because our Metascan technology runs on Windows, we receive a lot of questions about malware designed for Linux, Android, iOS and other operating systems getting past the antivirus engines embedded in Metascan. Will a file infected with non-Windows based malware be detected by antivirus engines running on Windows?
The answer is yes! Many antivirus engines incorporate virus definitions for all operating systems, regardless of the system the engine will be installed on. As an illustration, we submitted a number of files with known non-Windows targeted infections to Metascan Online. The results linked to below show that for each threat sample a large number of antivirus engines detected that the file is infected.
Linux
Backdoor: Detection by 29/43 antivirus engines
DoS: Detection by 25/43 antivirus engines
Exploit: Detection by 27/43 antivirus engines
Flooder: Detection by 27/43 antivirus engines
Hacktool: Detection by 23/43 antivirus engines
Net-Worm: Detection by 19/43 antivirus engines
Trojan: Detection by 29/43 antivirus engines
Virtool: Detection by 26/43 antivirus engines
Virus: Detection by 24/43 antivirus engines
Android
Trojan: Detection by 26/43 antivirus engines
Exploit: Detection by 27/43 antivirus engines
iOS
Spyware: Detection by 17/43 antivirus engines
Worm: Detection by 17/43 antivirus engines
The results above show that anti-malware engines running on Windows, such as those embedded within Metascan, do detect files infected with non-Windows directed malware.
Though Linux based malware can be detected by antivirus engines running on Windows, many organizations prefer Linux based software for other security and stability reasons. For those customers, we also have plans to offer a Linux version of Metascan in the future that embeds Linux versions of engines as well as a Linux version of MetaDefender.
