1. Intro
2. Breaking antivirus software
3. Attack surface
4. Attacking antivirus engines
5. Vulnerabilities in AV engines
6. Fuzzing statistics
7. Exploiting AV engines (more tips)
8. Exploiting AV engines: Summary
9. Forticlient
10. Kaspersky
11. Comodo Antivirus
12. Notes about decompression bombs
13. BitDefender engine
14. BitDefender bugs
15. BitDefender notes
16. Comodo example vulnerability
17. Comodo Bugs
18. Security enhanced software
19. DrWeb antivirus
20. DrWeb updating protocol vulnerability
21. eScan for Linux remote root
22. Conclusions
23. Recommendations for AV companies

Description:
Explore the vulnerabilities and security issues in antivirus software through this 58-minute conference talk presented by Joxean Koret at the 44CON Information Security Conference. Delve into the often-overlooked aspects of AV software security, from home systems to corporate and government servers. Discover techniques for vulnerability discovery and remote exploitation of AV software, with detailed examples of vulnerabilities in popular antivirus engines. Learn about attack surfaces, fuzzing statistics, and exploitation methods for various AV products including Forticlient, Kaspersky, Comodo, BitDefender, and DrWeb. Gain insights into decompression bombs, security-enhanced software, and remote root vulnerabilities. Conclude with valuable recommendations for AV companies to improve their product security, aiming to raise awareness among both users and vendors about the critical importance of securing antivirus solutions.

Breaking AV Software

44CON Information Security Conference