Security News > 2020 > October > New Flaws in Top Antivirus Software Could Make Computers More Vulnerable

New Flaws in Top Antivirus Software Could Make Computers More Vulnerable
2020-10-06 11:02

Cybersecurity researchers today disclosed details of security vulnerabilities found in popular antivirus solutions that could enable attackers to elevate their privileges, thereby helping malware sustain its foothold on the compromised systems.

According to a report published by CyberArk researcher Eran Shimony today and shared with The Hacker News, the high privileges often associated with anti-malware products render them more vulnerable to exploitation via file manipulation attacks, resulting in a scenario where malware gains elevated permissions on the system.

Chief among the flaws is the ability to delete files from arbitrary locations, allowing the attacker to delete any file in the system, as well as a file corruption vulnerability that permits a bad actor to eliminate the content of any file in the system.

Subsequently, CyberArk researchers also explored the possibility of creating a new folder in "C:ProgramData" before a privileged process is executed.

To top it all, a DLL hijacking flaw in Trend Micro, Fortinet, and other antivirus solutions could have been exploited by an attacker to place a malicious DLL file into the application directory and elevate privileges.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/rb3hyE_wMfY/antivirus-software-vulnerabilities.html