Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43441
  • Total Topics: 16533
  • Online today: 3253
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 1
Guests: 3251
Total: 3252









Author Topic: Avast finally patched nasty vulnerability in "remote code execution privileges"!  (Read 2466 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Google Project Zero hacker Tavis Ormandy has found a since-patched vulnerability in Avast antivirus that allows attackers to gain remote code execution privileges.

Ormandy says the man-in-the-middle diddle Avast uses to conduct encrypted traffic analysis as it hits browsers is insecure, thanks to bad X.509 certificate parsing.

It appears Avast users would need to follow a link generated by attackers and possibly ignore any code execution warnings in order to be p0wned.

"If you're gonna MITM Chrome's SSL at least get an intern to skim your X.509 parsing before shipping it," Ormandy says: https://twitter.com/taviso/status/647408764505579520

The hacker noted the vendor's seven day patch turn around time but chided one Avast security bod, saying in a tweet that the vendor is lucky attackers have not built worms targeting its products.

Ormandy released proof of concept information on the Google Project Zero asset: https://code.google.com/p/google-security-research/issues/detail?id=546

Avast has not yet updated its site detailing the patch release notes.

(ElReg)

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023