Researchers Disclose 10-Year-Old Vulnerabilities in Avast and AVG Antivirus

MuzzMelbourne

Two high-severity security vulnerabilities, which went undetected for several years, have been discovered in a legitimate driver that's part of Avast and AVG antivirus solutions.

"These vulnerabilities allow attackers to escalate privileges enabling them to disable security products, overwrite system components, corrupt the operating system, or perform malicious operations unimpeded," SentinelOne researcher Kasif Dekel said in a report shared with The Hacker News.

 

Gandalf_The_Grey

From that article:
Following responsible disclosure on December 20, 2021, Avast addressed the issues in version 22.1 of the software released on February 8, 2022. "Rootkit driver BSoD was fixed," the company said in its release notes.

While there is no evidence that these flaws were abused in the wild, the disclosure comes merely days after Trend Micro detailed an AvosLocker ransomware attack that leveraged another issue in the same driver to terminate antivirus solutions on the compromised system.
 

upnorth

A discovered backdoor? :unsure:

Naah, probably not, but it has happened before and some major companies/vendors have been caught over the years. The upcoming research by others into this specific case will for sure be interesting to follow.
 

Kiss

They are following the same path as Comodo. It's embarrassing for a security company to have decades-old vulnerabilities. The Avast team is unfortunately very weak; if I were an Avast user I would be very worried right now.
 
