Avast Patches AV Zero Day
Thursday, October 8, 2015 @ 04:10 PM gHale
Avast patched a Zero Day exploit inside its antivirus tool.
The bug infiltrated machines when users would access Web pages protected through HTTPS connections, said Tavis Ormandy, a Google Project Zero engineer that discovered the flaw.
Because the Avast antivirus would tap into encrypted traffic so it could scan for threats but was using a faulty method for parsing X.509 certificates, this allowed attackers the possibility to execute code on the users’ computer.
“We have released a fix via virus definition updates last week. There is no action required by the user,” Avast officials said.
The only condition was users would access a malicious HTTPS website, which is not such a far-fetched scenario.
Ormandy released a proof-of-concept on Project Zero’s Google Group after the antivirus company issued a fix.
This is the third antivirus solution that suffered a Zero Day vulnerability in the past 30 days.
Kaspersky was one firm that suffered a Zero Day as did FireEye on their antivirus tools.