–
Two serious vulnerabilities have been discovered in the Czech antivirus applications Avast and AVG, which have been undetected and present for ten years and have threatened millions of users.
For their presence warned the American company SentinelOnewhich coincidentally in The Czech Republic is building a development with three hundred people and an investment of around a billion crowns.
SentinelOne reported everything to Avast in December 2021. The company released an update with the designation in January 22.1. SentinelOne does not currently observe active abuse and points out that Avast cooperated immediately after the report.
The vulnerabilities have been labeled CVE-2022–26522 a CVE-2022–26523. Avast Anti Rootkit drivers introduced in January 2012 were found. The technology was also adapted by AVG, which Avast bought in 2016 for $ 1.3 billion.
“These vulnerabilities allow attackers to elevate privileges, which can disable security products, overwrite system components, damage the operating system, or perform malicious operations without interruption,” SentinelOne said.
The first vulnerability occurs within the socket connection handler in the kernel driver aswArPot.sys. The second is similar and concerns aswArPot + 0 × bb94. Details are here.
–
–
