Avast and AVG security vulnerabilities in both applications

Security researchers at Sentinel One they discovered two serious vulnerabilities in Avast and AVG security products that have been around for 10 years and endanger millions of users. The vulnerabilities are in Avast's anti-rootkit driver (which is also used by AVG).

avast avg

Intruders can use vulnerabilities to capture the entire Windows system.

Avast and AVG applications are among the most widely used antivirus programs, and the existence of the two security vulnerabilities puts many users around the world at risk of cyber attacks.

CVE-2022-26522 and CVE-2022-26523

The Anti Rootkit driver developed by Avast is supposed to protect Windows systems from installing rootkits. When the Avast bought AVG, the same driver was adopted in both protection applications.

Unfortunately, older versions of the driver had the CVE-2022-26522 and CVE-2022-26523 vulnerabilities discovered by Sentinellabs. Both vulnerabilities are labeled with a high degree of severity, as they make users' systems vulnerable to highly effective attack methods. Intruders can gain increased privileges which allows them to run code in kernel mode with normal user rights.

Security vulnerabilities not only allow permissions to increase but also disable security products, replace system components, corrupt the operating system, or run malware unhindered. This can be achieved because the anti-rootkit driver operates at the highest level of operating system privileges.

Avast was warned in December 2021

Security researchers informed Avast of their findings in December 2021. Since then, the company has been releasing security updates.
At this time, SentinelLabs has no evidence that exploit is currently in use.

According to Avast, the vulnerable driver was added to Avast 12.1, which was released in January 2012.

iGuRu.gr The Best Technology Site in Greece
Follow us on Google News

Avast, AVG, iguru

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).