28
New Windows security exploit turns it into malware and hijacks your antivirus
A report asserts your antivirus software could be hijacked by offenders and use it to start a cyber attack against your personal computer.
The researchers who carried out the report claim that several of the top antivirus programs and applications could be hijacked and turned into malware to be able to perform a particularly nasty strike against the ill-fated sufferer….
Our researchers found an undocumented skill of Application Verifier that provides an attacker the capacity to replace the conventional verifier with his own custom verifier,” Cybellum described.
An attacker can use this skill to inject a custom verifier into any program. Once the custom verifier was injected, the attacker has complete control over the program.”
The assault dubbed targets Microsoft Application Verifier program which programmers utilize to find and repair bugs in applications or programs, Agent.
As soon as they have control, the offenders could subsequently make use of the antivirus applications that is hijacked to take control of the casualty’s computer.
Security goods like McAfee, Norton, Malwarebytes, Trend Avast Micro and Kaspersky were changed.
Cybellum says it’s reported its findings to the affected firms, a few of which are attempting to issue fixes for the exploit.
Avast has said it’s fixed the issue.
“It’s crucial that you notice once that’s the instance, there are many other methods to cause damage or alter the underlying operating system itself and that the exploit requires administrator privileges to run the strike,” Avast said.
“So, we rate the harshness of Cybellum’s emphasis on the danger of this use to be overstated and the problem as ‘low’.”
There are no comments.