Stick and Stones may Break my Bones but Words will Pass Through me Undetected?

The big scare story of this week is based on recent research demonstrating a technique to write shellcode that resembles English text.
Some bright spark naively suggested that this will make the shellcode almost impossible for anti-virus scanners to detect. Yeah right, never heard that one before! Predictably, however, scaremongers are now jumping on the bandwagon and proclaiming the defeat of anti-virus.

The following paragraph apparently contains the start of some shell code which can be used to bootstrap arbitrary code execution on your PC:
“There is a major center of economic activity, such as Star Trek, including The Ed Sullivan Show. The former Soviet Union. International organization participation.”

So has your PC just been infected by reading this? Of course not.
No text in the world is going to execute malicious behaviour on your PC while it is just being interpreted as plain text. Even though bytes within the above paragraph also represent a legitimate sequence of CPU instructions they have to be placed somewhere where they will actually be executed as CPU instructions before they can actually do anything.
So, if the above words appear in a plain text file, or within this blog article, SAV is probably not going to take much notice of them. However, if they appear within an executable section of a windows program, or (continue reading...)