A good antivirus has become essential if we want to be able to be safe when we connect to the Internet. These programs run in the background and are in charge of controlling everything that enters and leaves our computer. Thus, if something is suspicious, it is blocked and is waiting for the user to act accordingly. We usually understand that antivirus is safe, however, what happens when this is not the case?
A few hours ago a report by CyberArk Labs was due to know how the most widely used antivirus on the market are vulnerable and, without knowing it, are putting our PC in danger. These security programs have serious vulnerabilities that, if exploited properly, can be used to elevate privileges within the operating system, making it easier for malware to install and launch.
The supposedly safest, most vulnerable antivirus
This report has shown how most of the antivirus that we have installed on our computer have serious vulnerabilities known to hackers. For example, some of the antivirus that have had these security flaws are:
- Kaspersky – CVE-2020-25043, CVE-2020-25044, CVE-2020-25045
- McAfee – CVE-2020-7250, CVE-2020-7310
- Symantec – CVE-2019-1954
- Fortinet – CVE-2020-9290
- Check Point – CVE-2019-8452
- Trend Micro – CVE-2019-19688, CVE-2019-19689 (and three more unknown)
- Avira – CVE-2020-13903
- Microsoft Defender – CVE-2019-1161
These vulnerabilities can be of all kinds, but the most common are the possibility of deleting files from random locations, allowing the elimination of files critical to the operating system. There are also file corruption flaws that, without actually deleting the file, can delete its content, and even replace it.
Security flaws can be exploited in a number of different ways. For example, they can be exploited to create symbolic links that overwrite files, create a folder within C / ProgramData without permissions that any process can then access, using the antivirus installer to take control of the PC or hijacking different DLLs from the PC.
How to protect our computer from these problems
As with any other software, the best way to protect ourselves from these problems and security flaws is to keep our antivirus always updated, just like any other program. The vulnerabilities that are discussed in this article have already been solved by the respective security firms, thus preventing hackers from endangering the security of our PCs through these antivirus. However, this does not guarantee that there are no other important vulnerabilities that could continue to endanger our PC.
If these security flaws are discovered by researchers, as is this case, no problem . They usually report the bugs in private to the security firms, they fix them, and the report does not come out until after a while. But when it’s the other way around, and hackers secretly discover these flaws, things change.
A failure in an antivirus is critical for the security of any computer, and even any network. Through it, a malware could become more persistent and the infection of the computer could be much more serious.