DoubleAgent attack

Hi
I’m so curious to know what you are doing for DoubleAgent :slight_smile:
Are you releasing a Hotfix for Avast just like TrendMicro?

A new technique named DoubleAgent, discovered by security researchers from Cybellum, allows an attacker to hijack security products and make them take malicious actions.

The DoubleAgent attack was uncovered after Cybellum researchers found a way to exploit Microsoft’s Application Verifier mechanism to load malicious code inside other applications.

That’s dangerous for these av’s:
Avast (CVE-2017-5567)
AVG (CVE-2017-5566)
Avira (CVE-2017-6417)
Bitdefender (CVE-2017-6186)
Trend Micro (CVE-2017-5565)
Comodo
ESET
F-Secure
Kaspersky
Malwarebytes
McAfee
Panda
Quick Heal
Norton

According to this:
https://malwaretips.com/threads/new-attack-uses-microsofts-application-verifier-to-hijack-antivirus-software.69830/

Several topics on this already.

From memory of the topics, Avast 17.x.x isn’t vulnerable to it.

EDIT: This is just one such topic, https://forum.avast.com/index.php?topic=199290.0.
It is pretty hard to be first on the avast forums.

Dave is right, read here: https://forum.avast.com/index.php?topic=199290.0

Thanks
It’s really hard to be the first ;D

Thank you

You’re welcome.