Security disability, dangerous ingredients in your anti-virus Software


Anti-virus Software should be the principle of the treatment is due to a dangerous and even malicious code. If you are not careful enough, to work, to and from of their so-called security Software is a dangerous point of entry for viruses and hackers. That is exactly the case with Avast! the case has been demonstrated by a security researcher Tavis Ormandy a very impressive way. As you do this, nothing else has been left up to the manufacturer to disable it, as it is a very important part of your AV Software.

Because the malicious Code is usually verschwurbelt a solid, it is the Intention, then the only way to detect that the part is performed, at a minimum, and to be observed. To this end, all of the anti-virus emulators, in the case of Avast! this is the first task in the process that leads to AvastSvc.exe it is run with System privileges on Windows, and protected by the machine.

The Avast Antivirus Service is running with system privileges in Windows, and it leads to the viruses and Exploit Code – what could possibly go wrong?

(Image: Ormandy )

This process is not blocked, and contains, among other things, a self-made JavaScript Interpreter, whose job it is to suspect for the Code to run. If a mistake has been made, is it – booom!!! Ormandys normal, it is precisely these errors, so as to notify the manufacturer and publish the facts of the case, and then. He had practiced it a dozen times, and, in particular, in the case of the anti-virus Software. Also, in the case of Avast, it reported a critical vulnerability. But this time, he did not let it stop there, but went a step further.

Ormandy is documented down to the last Detail, as it may be, self-tapping, with a little bit of the Background of the ” Avast-Interpreter in Javascript for security vulnerabilities. It starts with a Linux server in a Debug instance of the Javascript Engine in the front, you can give it your own test code. It goes further in that it describes how you can ensure an easy to ensure that your Code just doesn’t seem right enough to have the anti-virus scanner kicks in on the truth.

“If you’ve got a vulnerability [auf diesem Weg] I think it’s pretty safe to critics, and the network can be used. Please report this to the stand” also includes Ormandy to be a short Tutorial with a link to the security page of the Report of the security flaws. The reaction was not long in coming:

“In order to safeguard the hundreds of millions of users, we need to shut down the Emulator,” tweeted the device after a short time. The risk of a computer worm, that is, the kidnapping of millions of free Avast-system, the manufacturer appears to be high, you will have pulled the plug on the Emulator using the Auto-Update feature of the AV Software. As a part of its functions, the protection is there, and the a-v Software. How important it was for the protection of Avast is to date not clear, since it depends on an internal, non-disclosed, the architecture of the anti-virus Software.

Now you can push it, that is, of course, Ormandy’s, the black Peter, which he increased by the publication of a guide for the Testing of the risk to the security of the users. On the other hand, this makes the Bearer of a message from the person responsible. It is the fact that the device sells for, of course, your security Software, even the most simple safety rules which are manifestly neglected and despised. Avast! it is running the suspect Code within an elevated privileges, not the use of it is locked away in a box of sand. This is the same as if the guardians have to juggle in a warehouse with barrels of gunpowder with lit torches. Ormandy’s not more, not less, to have brought this issue out in the open.

By the way, this is an embarrassment to Security comes from revelation that are only a few weeks after the announcement was made that the device has sold out in the course of the year, the data navigation of its users. They are now looking for a way to fast, the your Avast protection virus, get rid of, at the very least you can use a transition instead of the built-in protection anti-virus for Windows now to have a good Detection system. In addition, Microsoft’s Software has security vulnerabilities. However, the guidelines for the internal development of software at Microsoft, at least, it should prevent such gross sloppiness.