http://www.theregister.co.uk/2010/05...tch_av_bypass/
Most Anti-Virus systems on windows work by "hooking" that is to say intercepting the calls made between a users program, for example a web browser, and the underlying operating system.
Be it Linux, Windows or BSD, there are a bunch of services offered by the kernel to the users program. A virus scanner can look at how it uses these often to determine if something is potentially dangerous, if so it will read the whole program and analyse it for know patterns.
But if you've got a multi-core system, you can effect have someone manipulating the program, whilst its been inspected, simultaneously.
Its quite a hard one to solve because most attacks are not concurrent right now, its very very hard to understand all of the possible attack vectors. There was a really interesting paper a few months back about how certain cryptographic concepts can be spied upon by looking at the voltage fluctuations, and a very in depth understanding of the structure of the cores on the CPU.
Back in the first old days of the net, most machines where left pretty much open, telnet on standard ports. People slowly came about (MS slower noteably than others!) to realising the importance of spending time and limiting functionality.
But this could be a bit brave new world, as it makes obfuscation from the heuristic scanners a lot harder.
This might just bore everyone here, but hopefully some will find it interesting....