Newsbytes
  • India
  • Business
  • World
  • Politics
  • Sports
  • Science
  • Entertainment
  • Auto
  • Lifestyle
  • Inspirational
  • Career
  • Bengaluru
  • Delhi
  • Mumbai
  • Videos
  • Phone Reviews
  • Find Cricket Statistics
Hindi
More
Newsbytes
Hindi
Newsbytes
User Placeholder

Hi,

Logout


India
Business
World
Politics
Sports
Science
Entertainment
Auto
Lifestyle
Inspirational
Career
Bengaluru
Delhi
Mumbai
Videos
Phone Reviews
Find Cricket Statistics

More Links
  • Videos

Download Android App

Follow us on
  • Facebook
  • Twitter
  • Linkedin
  • Youtube
 
Home / News / Science News / Critical security vulnerability detected in top antivirus apps
  • Science

    Critical security vulnerability detected in top antivirus apps

    Shubham Sharma
    Written by
    Shubham Sharma
    Twitter
    Last updated on Apr 27, 2020, 12:01 pm
    Critical security vulnerability detected in top antivirus apps
  • From Kaspersky to Quick Heal, all antivirus programs take out malicious programs well before they compromise the whole PC.

    They all work swiftly. But, if a new report from security researchers at RACK911 Labs is anything to go by, often times antiviruses themselves suffer from vulnerabilities that can leave your entire system unusable.

    Here's all you need to know about it.

  • In this article
    28 programs found vulnerable to symlink race bugs So, what do these bugs do? Then, the attacker can crash your PC Most vendors informed, patches issued
  • Issue

    28 programs found vulnerable to symlink race bugs

    28 programs found vulnerable to symlink race bugs
  • After analyzing several antiviruses over the last two years, RACK911 Labs found that 28 of the most popular programs, including Microsoft Defender, McAfee Endpoint Security, and Malwarebytes, either suffer or have suffered from common symlink race bugs.

    The vulnerability, which has been described as a 'very real and old problem', works across Windows, macOS, and Linux machines, ZDNet reported.

  • Impact

    So, what do these bugs do?

  • According to the researchers, symlink race bugs can be exploited in the interval between scanning a file for viruses and actually removing it.

    Basically, during this short window, an attacker could use symbolic links and directory junctions to link malicious files with legitimate ones.

    This way, the malicious file is replaced with a mixed 'symlink' on the PC.

  • Risk

    Then, the attacker can crash your PC

  • Once an attacker manages to create a symlink on your PC, they could use it to execute malicious actions without coming under the radar of the antivirus in use.

    If the symlink is created by linking a malicious files with a higher-privilege item, the attacker could carry out Elevation-of-Privilege attacks, deleting files used by the operating system and, therefore, rendering it unusable.

  • Fix

    Most vendors informed, patches issued

    Most vendors informed, patches issued
  • The researchers notified all the antivirus vendors whose products were found to be vulnerable to symlink bugs.

    Most of them, the company says, have issued patches for the glitch, but some unnamed ones still remain unfixed.

    That said, for now, the best way to avoid this attack is to have your antivirus system and its databases updated.

  • Microsoft
  • Security
  • Technology
  • Kaspersky
  • ZDNet
  •  
Latest News
  • Leeds United stun Manchester City in Premier League: Records broken
    Leeds United stun Manchester City in Premier League: Records broken
    Sports
  • Nokia 4.2 receives March 2021 security via Android 11 update
    Nokia 4.2 receives March 2021 security via Android 11 update
    Science
  • Samsung to make OLED TVs using LG panels
    Samsung to make OLED TVs using LG panels
    Science
  • 'Ticket to Paradise,' starring Clooney-Roberts, to release next September
    'Ticket to Paradise,' starring Clooney-Roberts, to release next September
    Entertainment
  • KTM RC 390 discontinued from official India website
    KTM RC 390 discontinued from official India website
    Auto
Related Timelines
  • #BugAlert: Security flaw flagged in Safari, but Apple delayed patch
    #BugAlert: Security flaw flagged in Safari, but Apple delayed patch
    Science
  • Millions of PCs are vulnerable to a Thunderbolt port flaw
    Millions of PCs are vulnerable to a Thunderbolt port flaw
    Science
  • Critical vulnerability detected in Apple's Mail app: Details here
    Critical vulnerability detected in Apple's Mail app: Details here
    Science
Trending Topics
Samsung Apple OnePlus Mobiles Android TV Smart TV Latest Gadget Launch MediaTek Dimensity 1000+ COVAXIN Latest Tech News Upcoming Mobile Phones
Next News Article
Share
Cancel

Want to share it with your friends too?

Facebook Whatsapp Twitter Linkedin
Copied

Love Science news?

Subscribe to stay updated.

Science Thumbnail
India News Business News World News Politics News Sports News Science News Entertainment News Auto News Lifestyle News Inspirational News
Career News Bengaluru News Delhi News Mumbai News Bharti Airtel Mukesh Ambani Indian Premier League Chris Lynn Samsung Virat Kohli
Rohit Sharma Cricket News Mahendra Singh Dhoni YouTube Hollywood News WhatsApp Bollywood News Real Madrid ISRO Yoga
Honda Batman Football News BMW Vaccine Reliance Jio OPPO Food News, Healthy Recipes Apple Tesla
Royal Challengers Bangalore Toyota Fashion Tips Amit Shah Mercedes Sidharth Malhotra Isha Ambani India Vs England Cricket OnePlus Mobiles Android TV
Smart TV Marvel Comics Avengers Neha Kakkar
About Us Privacy Policy Terms & Conditions Contact Us News Reviews News Archive Topics Archive Find Cricket Statistics
Follow us on
Facebook Twitter Linkedin Youtube
All rights reserved © NewsBytes 2021