If you own a laptop, you have probably used Avast as your antivirus at some point. AVG and Avast Antivirus are well-known products that have been in use for years. Avast and AVG antivirus have been a part of our lives since 2012. Recently, Avast came under fire after two high-severity security vulnerabilities were detected in the software.
You’ll be shocked to know that these security vulnerabilities remained undetected for over ten years in a legitimate driver. Let’s discuss the AVG and Avast Antivirus security vulnerabilities that have become a threat to antivirus users.
On 5 May 2022, SentinelOne broke big news in the world of technology, reporting that it had found two high-severity security vulnerabilities in the AVG and Avast Antivirus software. The high-risk vulnerabilities concern the Avast anti-rootkit driver, which has been used in both AVG and Avast products since 2016.
Many people use Avast Antivirus, and you know what that means? It means millions of users are exposed, because if the flaws in the driver are exploited, they can be used to escalate privileges at the kernel level. It is an alarming situation for users of Avast and AVG, as their data is not fully secured.
The two flaws are tracked as CVE-2022-26522 and CVE-2022-26523. Avast released a new version, 22.1, in February 2022, which was automatically applied to Avast and AVG installations to fix the issues. It is recommended that users of the premium version without automatic updates patch immediately.
In his blog, Kasif Dekel, a security threat researcher at SentinelOne, said that these security vulnerabilities were undetected for ten years and exploited in multiple contexts. Beyond local privilege escalation, the vulnerabilities can also be triggered from the sandbox.
He also illustrated this with a few examples: the vulnerabilities can be used to perform a sandbox escape, among other possibilities, and can be exploited as part of a second-stage browser attack. Vulnerabilities in antivirus software can be severe because the software has access to all data on your laptop and requires higher privileges than other software downloaded to a device.
On the other hand, Avast’s spokesman broke their silence over the SentinelOne report. They said that Avast used industry-standard practices well known in the technology industry. They also explained that the vulnerabilities were first discussed privately with the makers of the affected technology, which allowed the makers some time to fix them.
Avast also said that on 8 February, an automatic update to a new version was performed to help users remove the bug, among other vulnerabilities. Moreover, they added that it is a common practice for companies to fix vulnerabilities.
It is common for research companies to write about the flaws they find in software to make users aware, and that’s what SentinelOne does. On the other hand, Avast and AVG have answered the security questions raised about them, and they are trying to make the software better for users.