I just saw a notice about the aavmker4.sys vulnerability and it looks like my machine (which is running the managed client) has the affected version of aavmker4.sys installed on it. Can someone from Avast please verify whether this vulnerability affects my managed-client systems and if so, what the expected release date is for a fix?
Also, is it possible for me to “patch” the problem myself by replacing the copies of aavmker4.sys on my managed workstations with copies of a newer version of the file, from the v4.8 distribution of Avast Pro? Or are there major differences in aavmker4.sys that would make this impossible?
There is no v4.8 of the managed client. If I were to install v4.8 of Avast Pro on every machine in my network I guess that would eliminate the vulnerability but I would no longer be able to centrally manage Avast.
For those who are interested: I opened a support ticket with Avast and asked the same question, and I heard back that it should work for me to use the version of aavmker4.sys that is distributed with Avast Pro v4.8. So I replaced the older version of this file with the new version on one of my managed PCs and rebooted, and the PC seems to be working fine. I’m going to do this network-wide tonight, and I will report back if I encounter any difficulties.