- Jun 9, 2013
- 6,720
One of Google's security experts found a zero-day exploit inside the Avast antivirus, which the company has recently patched.
The researcher is Tavis Ormandy, one of Google's Project Zero engineers, the same man that discovered a similar zero-day exploit in Kaspersky's antivirus exactly a month ago.
According to Ormandy's research, the bug manifested itself when users would access Web pages protected through HTTPS connections.
Avast was performing a "legal" MitM for SSL connections
Because the Avast antivirus would tap into encrypted traffic so it could scan for threats but was using a faulty method for parsing X.509 certificates, this would have allowed attackers (if aware of the issue) to execute code on the users' computer.
The only condition was that users would access a malicious HTTPS website, which is not such a far-fetched scenario.
Ormandy released a proof-of-concept on Project Zero's Google Group after the antivirus company issued a fix.
Full article. Zero-Day Exploit Found in Avast Antivirus
The researcher is Tavis Ormandy, one of Google's Project Zero engineers, the same man that discovered a similar zero-day exploit in Kaspersky's antivirus exactly a month ago.
According to Ormandy's research, the bug manifested itself when users would access Web pages protected through HTTPS connections.
Avast was performing a "legal" MitM for SSL connections
Because the Avast antivirus would tap into encrypted traffic so it could scan for threats but was using a faulty method for parsing X.509 certificates, this would have allowed attackers (if aware of the issue) to execute code on the users' computer.
The only condition was that users would access a malicious HTTPS website, which is not such a far-fetched scenario.
Ormandy released a proof-of-concept on Project Zero's Google Group after the antivirus company issued a fix.
Full article. Zero-Day Exploit Found in Avast Antivirus