New Flaws in Top Antivirus Software Could Make Computers More Vulnerable

Discussion in 'other anti-virus software' started by mood, Oct 5, 2020.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    33,336
    New Flaws in Top Antivirus Software Could Make Computers More Vulnerable
    October 5, 2020
    https://thehackernews.com/2020/10/antivirus-software-vulnerabilities.html
    CyberArk: Anti-Virus Vulnerabilities: Who’s Guarding the Watch Tower?
     
  2. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    5,852
    Location:
    USA
    Thanks for these. I was just wondering what the current state of things was where this issue is concerned.
     
  3. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,044
    Location:
    U.S.A.
    The Group Policy vulnerability noted in Part 3 of the blog series took Microsoft a full year to patch.:rolleyes:

    I will also note that Installers overall "are a clear and present danger."
     
  4. waking

    waking Registered Member

    Joined:
    Jan 25, 2016
    Posts:
    60
    The first article states:

    "The bugs impact a wide range of antivirus solutions, including those from
    Kaspersky, McAfee, Symantec, Fortinet, Check Point, Trend Micro, Avira,
    and Microsoft Defender, each of which has been fixed by the respective vendor."


    In some cases you can get details on the status of the specific CVEs at a
    vendor's web site(s). For example, the article lists CVE-2020-25043,
    CVE-2020-25044, CVE-2020-25045 affecting Kaspersky products. You will find
    confirmation that these CVEs have been fixed here:

    https://support.kaspersky.com/general/vulnerability.aspx?el=12430

    Those CVEs are addressed in the Advisory issued on 29th July, 2020.
     
  5. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    6,381
    Also from the second :
    "While each of these vulnerabilities have now been fixed, I would to specifically recognize the Kaspersky PSIRT team, who were quick to respond to the bug reports and issue a patch for the vulnerabilities."
     
  6. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    5,852
    Location:
    USA
    I saw that they were fixed. My larger concern still unanswered is what of the major vendors that were not mentioned? Not fixed, not tested, or didn't have the issue to begin with?
     
  7. assersegsten

    assersegsten Registered Member

    Joined:
    Sep 13, 2016
    Posts:
    69
    Location:
    denmark
    Hi, I hope didn't have the issue, to begin with.o_O
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.