Hi,
I would like to know by any avast staff. Is this is true?
And which vunerabilities are publicly disclosed?
And as this vunerabilities fixed somehow ?
Kind Regards,
Filipe
This is what I just received from Avast.
“The scenario described in the article does not apply to Avast or AVG Antivirus (free or paid) products
because checks performed by the Avast and AVG File Shield would detect and block the attack.”
That´s good to hear. Thanks bob. So they must had checked and confirmed that it is detected by the field shield.
Filipe
The researchers specifically name Avast as being vulnerable. They write of a list that includes Avast:
The lists above are the antivirus products that we directly tested and sent off individual vulnerability reports for that were confirmed by the vendors.
Report link here: https://www.rack911labs.com/research/exploiting-almost-every-antivirus-software/
Yo Avast, we need more detail on this: Are they lying?
Since we don’t know under what terms they did their test, there is no way to know.
I’m simply passing along what Avast released and asked to pass along on the forum.
Since we don't know under what terms they did their test, there is no way to know. I'm simply passing along what Avast released and asked to pass along on the forum.
Sorry Bob, that was directed at whatever Avast reps are on these forums - not you. No hostility intended. I’ll edit my post to clarify.
No hostility take.
My reply was a direct quote from an Avast employee.
I got notification this morning via a Kim Komando newsletter, and this has me concerned as I’ve always recommended Avast Free for my non-commercial customers. I guess I’m looking for an unequivocal statement… is Avast Free safe from this exploit?
As far as how they did their test, apparently they’ve been trying to communicate this for months and only recently opted to go public.
Rack911 has indicated that Avast IS vulnerable if the logged in account (in windows) is a local admin, which most users on home and SBO machines are. We’re getting very mixed messages on this.
You left out the most important part of what I posted. The reply from Avast.
https://forum.avast.com/index.php?topic=233871.msg1545064#msg1545064
In my conversations with Rack911, they have explicitly said that Avast’s claim is not accurate, especially if logged in on an account with local admin privileges (which most windows home and SBO users are doing).