Researchers Disclose 10-Year-Old Vulnerabilities in Avast and AVG Antivirus

MuzzMelbourne

Level 5
Thread author
Mar 13, 2022
156
Two high-severity security vulnerabilities, which went undetected for several years, have been discovered in a legitimate driver that's part of Avast and AVG antivirus solutions.

"These vulnerabilities allow attackers to escalate privileges enabling them to disable security products, overwrite system components, corrupt the operating system, or perform malicious operations unimpeded," SentinelOne researcher Kasif Dekel said in a report shared with The Hacker News.

 

Gandalf_The_Grey

Level 61
Verified
Helper
Top poster
Content Creator
Well-known
Apr 24, 2016
5,050
From that article:
Following responsible disclosure on December 20, 2021, Avast addressed the issues in version 22.1 of the software released on February 8, 2022. "Rootkit driver BSoD was fixed," the company said in its release notes.

While there is no evidence that these flaws were abused in the wild, the disclosure comes merely days after Trend Micro detailed an AvosLocker ransomware attack that leveraged another issue in the same driver to terminate antivirus solutions on the compromised system.
 

upnorth

Moderator
Verified
Staff member
Malware Hunter
Well-known
Jul 27, 2015
4,879
A discovered backdoor? :unsure:

Naah probably not, but it has happened before and some major companies /vendors has been caught over the years. The upcoming research by others into this specific case will for sure be interesting to follow.