Latest in Gear

Image credit: Tero Vesalainen via Getty Images

Multiple antivirus apps are vulnerable to common security flaws

At least 28 apps were exposed until recent fixes.
Jon Fingas, @jonfingas
April 26, 2020
437 Shares
Share
Tweet
Share

Sponsored Links

Man installing software in laptop in dark at night. Hacker loading illegal program or guy downloading files. Cyber security, piracy or virus concept.
Tero Vesalainen via Getty Images

Some antivirus tools are more resilient than others, but it appears that many of them had weaknesses in common. Rack911 Labs has revealed (via ZDNet) that 28 well-known antivirus programs, including Microsoft Defender, McAfee Endpoint Security and Malwarebytes, either had or have bugs that would let attackers delete necessary files and prompt crashes that could be used to install malware. Known as “symlink races,” they use symbolic links and directory junctions to link malicious files to legitimate ones during the time between scanning a file for viruses and when it’s removed.

The approach not only works across security suites, but across platforms. You just need different techniques on Linux PCs and Macs, Rack911 said.

Intruders would still need to download and run the necessary code before launching a symlink race, so this is more of a tool to facilitate an existing breach than start it. Researchers also noted that most of the vendors (including AVG, F-Secure, McAfee and Symantec) have fixed the bugs, some of them quietly.

This still leaves a few (currently unnamed) antivirus clients vulnerable, though. Rack911 also warned that taking advantage of the bugs was “trivial.” This could reduce the effectiveness of antivirus software and make malware that much more effective for attackers who know the bugs exist. You’ll want to update your security software, then, even if it’s just to reduce the potential damage should someone compromise your system.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
437 Shares
Share
Tweet
Share

Popular on Engadget

Weber’s SmokeFire smart grills just got a lot better

Weber’s SmokeFire smart grills just got a lot better

View
Atmospheric CO2 hits a record high while emissions drop

Atmospheric CO2 hits a record high while emissions drop

View
Our readers find Nintendo’s Joy-Con controllers a crushing disappointment

Our readers find Nintendo’s Joy-Con controllers a crushing disappointment

View
EA Access to hit Steam this summer after delay

EA Access to hit Steam this summer after delay

View
Instacart takes steps to discourage 'tip baiting'

Instacart takes steps to discourage 'tip baiting'

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr