Almost Every Antivirus Software Program Can Be Exploited, Researchers Say

    Date30 Apr 2020
    313
    Posted ByBrittany Day
    Island Hopping 640x414

    Security researchers have revealed that a vulnerability in almost all antivirus software platforms could have been exploited to disable anti-malware protection and turned into destructive tools.

    RACK911 Labs has found a unique method of using directory junctions (in Windows) and symlinks (in macOS and Linux) to turn antivirus software products into self-destructive tools. However, it was reported that most of the antivirus companies have now fixed the vulnerability in their products.

    Researchers stated that an attacker must be highly time-sensitive and should know when to exploit the directory junction or symlink vulnerabilities. “What most antivirus software fail to take into consideration is the small window of time between the initial file scan that detects the malicious file and the cleanup operation that takes place immediately after. A malicious local user or malware author is often able to perform a race condition via a directory junction (Windows) or a symlink (Linux & macOS) that leverages the privileged file operations to disable the antivirus software or interfere with the operating system to render it useless,” the researchers explained.

    LinuxSecurity Poll

    What do you think of the LinuxSecurity Privacy news articles?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/25-what-do-you-think-of-the-linuxsecurity-privacy-news-articles?task=poll.vote&format=json
    25
    radio
    [{"id":"90","title":"Love them!","votes":"90","type":"x","order":"1","pct":78.95,"resources":[]},{"id":"91","title":"I'm indifferent","votes":"18","type":"x","order":"2","pct":15.79,"resources":[]},{"id":"92","title":"Not interested in this topic","votes":"6","type":"x","order":"3","pct":5.26,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.