Antiviruses are those programs that focus on protecting our computers and stored data against all kinds of malicious code. However, its reliability is sometimes questioned due to errors such as the one we are going to talk about now in the popular Avast and AVG .
As a general rule, this type of software is endorsed by some important security firm that has been protecting our computers for a few years. Precisely for this reason, many users still choose to use the projects of these companies instead of Windows Defender . Perhaps the easiest thing would be to leave the antivirus that comes by default in the Microsoft operating system, Windows, running. But as we told you, many prefer other third-party solutions to protect their PCs.
A clear example of all this can be found in the Avast antivirus . In fact, here we find one of the most popular security proposals. The same goes for the AVG alternative. These are two security software solutions that are trusted by a large number of users around the world. We are talking precisely about these two titles due to two recently discovered security flaws .
We mean that two security vulnerabilities of high severity have been found in both programs. The most curious thing about all this is that these failures went unnoticed for years. It is worth mentioning that the vulnerabilities have been located in a legitimate driver that is part of Avast and AVG antivirus. It goes without saying that these long-standing security issues are a serious inconvenience for responsible firms.
Two Avast antivirus vulnerabilities have lasted 10 years
To give you a better idea of what we are talking about, say that these vulnerabilities allow attackers to increase their permissions. Thus, they can disable these security products , overwrite system components, corrupt the system, or perform malicious operations without hindrance. We know all this thanks to a statement by SentinelOne security researcher Kasif Dekel.
These two vulnerabilities, tagged CVE-2022-26522 and CVE-2022-26523, are specifically found in a legitimate anti -rootkit kernel driver called aswArPot.sys. It is speculated that these were introduced in version 12.1 of the Avast antivirus that was released in January 2012 . As it is easy to guess, these security flaws have accompanied antivirus for many years and versions of these.
Of course, we must take into account that after these security flaws were made public, Avast addressed them in version 22.1 of the antivirus. This was released last February where they claim to have fixed the BSoD rootkit driver. At the same time it is worth knowing that initially there is no evidence that these vulnerabilities have been exploited. But despite all this, they are still two important security flaws anchored in antivirus with more than enough reputation, and that have been there for more than 10 years.