Avast and AVG security vulnerabilities in both applications

Security researchers at Sentinel One they discovered σοβαρές ευπάθειες στα προϊόντα ασφαλείας της Avast και της AVG που υπάρχουν εδώ και 10 χρόνια και θέτουν σε κίνδυνο εκατομμύρια χρήστες. Τα τρωτά σημεία βρίσκονται στον driver anti-rootkit της Avast (το οποίο χρησιμοποιείται επίσης από την AVG).

avast avg

Intruders can use vulnerabilities to capture the entire Windows system.

Avast and AVG are among the most widely used antivirus programs, and the existence of the two security gaps puts many users around the world at risk from in cyberspace.

CVE-2022-26522 and CVE-2022-26523

The Anti Rootkit driver developed by Avast is supposed to protect Windows systems from installing rootkits. When the Avast bought AVG, the same driver was adopted in both protection applications.

Unfortunately, older versions of the driver had the CVE-2022-26522 and CVE-2022-26523 vulnerabilities discovered by Sentinellabs. Both vulnerabilities are labeled with a high degree of severity, as they make users' systems vulnerable to highly effective attack methods. Intruders can gain increased privileges which allows them to run code in kernel mode with normal user rights.

Security vulnerabilities not only allow permissions to increase but also disable security products, replace system components, corrupt the operating system, or run malware unhindered. This can be achieved because the anti-rootkit driver operates at the highest level of operating system privileges.

Avast was warned in December 2021

Security researchers informed Avast of their findings in December 2021. Since then the releases security updates.
At this time, SentinelLabs has no evidence that exploit is currently in use.

According to Avast, the vulnerable driver was added to Avast 12.1, which was released in January 2012.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.
Avast, AVG, iguru

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).