The Antivirus maker Avast has disabled a major component of its antivirus engine to address a severe vulnerability that would have allowed attackers to hack into users’ PCs.
Ormandy pointed out that the main Avast antivirus process, AvastSvc.exe, which, runs as SYSTEM.
The service loads the low level antivirus engine, and analyzes
“Despite being highly privileged and processing
The vulnerability researcher also released a tool that he used in his tests.
Ormandy explained that this flaw is trivial to exploit, an attacker could trigger it by sending to a user running the flawed antivirus a malicious JS or WSH file via email, or tricking the victims into accessing a specially-crafted that contains
In a statement Avast sent to ZDNet, the antivirus maker confirmed that the mitigation action it
We have fixed this by disabling the emulator, to ensure our hundreds of millions of users are protected from any attacks. This won’t affect the functionality of our AV product, which is based on multiple security layers.” reads the statement released by the security firm.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.