CyberArk researcher Eran Shimony has revealed security vulnerabilities in popular antivirus solutions that could allow malware attackers to gain elevated permissions on the compromised systems.
Antivirus solutions from Kaspersky, McAfee, Symantec, Fortinet, Check Point, Trend Micro, Avira, and Microsoft Defender were impacted but have since been fixed.
The vulnerabilities result from the default discretionary access control lists for the "C:\ProgramData" folder of Windows.
Every user has write and delete permission on the base level of the directory, but there are concerns the flaws could allow a non-privileged process to create a new folder in "ProgramData" that later could be accessed by a privileged process.
The flaws could allow attackers to delete any file in the system or eliminate the content of any file in the system.
From The Hacker News
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA
No entries found