If you run AVG, Avast, Bitdefender, Symantec or McAfee antivirus software, you had better read this


Security researchers have discovered a serious flaw in many of the world’s leading antivirus software suites, potentially leaving millions of users around the world at risk.

According to cyber security firm enSilo, antivirus software from the likes of AVG, Avast, Bitdefender, McAfee, Kaspersky Lab, Trend Micro, Symantec, Citrix, Emsisoft, Vera Security and Webroot are suffering from major security flaws which could enable hackers and cyber criminals to secretly access your computer.

The flaws were discovered after enSilo studied how software providers use ‘hooking’ – the method used by anti virus software to ensure it catches threats and removes them effectively.

However, security researchers found many of the anti virus software providers had not been using the hooking method correctly, allowing attackers to easily bypass the system and exploit any vulnerabilities.

If that wasn’t bad enough, other flaws discovered allowed viruses to remain undetected on a victim’s computer where it then insert a malicious code or malware into files stored locally on the machine.

Researchers found that the part of the reason why so many antivirus programs are affected is is due to a vulnerability found in Microsoft Detours – the world’s biggest hooking engine – which is used by more than 100 software providers around the world.

Some of the software providers have said they have already released a patch to fix the issue, with Bitdefender saying it fixed the flaw in its software back in January.

However, Microsoft has said it is yet to release a patch but plans to by the end of next month.

It is not known if the other antivirus software providers have fixed the flaw.

This news follows the discovery last month of another major security flaw found by Google researchers in Norton and Symantec antivirus products.

The flaw was described as “as bad as it gets” by the researcher who discovered it, where it was found to affect both PC and Mac and could be exploited by someone simply sending a link or an email with a malicious file attachment.

RELATED: 10 ways to avoid being hacked



Comments are closed.