Zero day attack on Avast and AVG causes mayhem


The security software that turned out to be insecure for 10 years.

Avast and AVG are two antivirus programs commonly found on computer systems worldwide. The cybersecurity company SentinelOne discovered two serious zero day vulnerabilities in them, flaws that went unnoticed for no less than a decade. SentinelOne suspects that millions of users were exposed. It has not yet been proven that cybercriminals actually exploited the flaws. Unfortunately, the likelihood that malicious actors are involved is high today. The vulnerabilities were reported in December 2021, and Avast released security updates in response in February 2022. They are now tracked as CVE-2022-26522 and CVE-2022-26523.

Are you currently using Avast or AVG? If so, please check if you are already on version 22.1 or higher, which no longer carries the vulnerability.
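For more than one machine, the same version check can be run over a software inventory export. The script below is an added example, not code from Avast, AVG or SentinelOne; the CSV column names, the product-name matching and the sample rows are constructed assumptions. It compares versions numerically, because a plain string comparison would rank "9.0" above "22.1".

```python
import csv
import io
import re

# Fixed release named in the article: 22.1 or higher.
FIXED_VERSION = (22, 1)
# Assumption: the inventory labels the products with "Avast" or "AVG" in the name.
AFFECTED_PRODUCTS = re.compile(r"\b(avast|avg)\b", re.IGNORECASE)

# Constructed sample inventory export (hosts, product names and versions are made up).
SAMPLE_INVENTORY = """\
host,product,version
ws-001,Avast Free Antivirus,21.11.2500
ws-002,AVG AntiVirus FREE,22.1.2504
ws-003,Avast Business Security,9.0.2021
ws-004,7-Zip,21.07
ws-005,AVG Internet Security,22.10.3
ws-006,Avast Free Antivirus,unknown
"""


def parse_version(text):
    """Return a dotted-numeric version as a tuple of ints, or None if malformed."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    return tuple(int(part) for part in text.split("."))


def classify(version_text):
    """Label one version string relative to the fixed release."""
    version = parse_version(version_text)
    if version is None:
        return "unknown"  # needs a manual look, never assume it is patched
    return "patched" if version >= FIXED_VERSION else "needs_update"


def audit(inventory_csv):
    """Return (host, product, status) for every Avast/AVG row in the export."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if AFFECTED_PRODUCTS.search(row["product"]):
            findings.append((row["host"], row["product"], classify(row["version"])))
    return findings


if __name__ == "__main__":
    for host, product, status in audit(SAMPLE_INVENTORY):
        print(f"{host:8} {status:13} {product}")
```

Rows reported as `unknown` should be checked by hand rather than treated as up to date.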

Where is the security flaw hiding in this Zero Day attack?

The vulnerabilities derive from the same component, the rootkit driver. This piece of software has been part of Avast since 2012. Since it is security software, it is executed with high priority on a computer system. Attackers who can exploit this security flaw can disable security solutions, tamper with an operating system or perform other malicious actions.

Zero day attacks are emerging more frequently

An attack of this type can cause a lot of damage. The name “Zero Day” is used because the software vendor has 0 days to fix the problem. That means that hackers have discovered a vulnerability without the creator of the program or software knowing it. Previously, we saw how a zero day attack on Log4j had a huge impact on the world.

At team Safe-Connect, we take on the battle against cybercrime with the help of our cybersecurity experts. Together we aim for a safer digital world.