If you run McAfee VirusScan Enterprise version 8.8, Kaspersky Total Security 2015, and AVG Internet Security 2015, you need to update your software right now. According to enSilo via a a blog post, all three AV apps allocate memory for read, write, and execute (RWX) permissions in a predictable address that an attacker could use to inject code into a target system. On top of that, enSilo has created a free checking utility called AVulnerabilityChecker and stuck it on Github for anyone to use to see if they are affected.
Intel, owner of McAfee, and Kaspersky have now fixed the issue. Ditto for AVG. If you haven’t updated your AV apps lately, you should do so now.
Like this:
Like Loading...
Related
This entry was posted on December 10, 2015 at 10:03 pm and is filed under Commentary with tags AVG, Kaspersky. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Several Major AV Products Have A Common Flaw
If you run McAfee VirusScan Enterprise version 8.8, Kaspersky Total Security 2015, and AVG Internet Security 2015, you need to update your software right now. According to enSilo via a a blog post, all three AV apps allocate memory for read, write, and execute (RWX) permissions in a predictable address that an attacker could use to inject code into a target system. On top of that, enSilo has created a free checking utility called AVulnerabilityChecker and stuck it on Github for anyone to use to see if they are affected.
Intel, owner of McAfee, and Kaspersky have now fixed the issue. Ditto for AVG. If you haven’t updated your AV apps lately, you should do so now.
Share this:
Like this:
Related
This entry was posted on December 10, 2015 at 10:03 pm and is filed under Commentary with tags AVG, Kaspersky. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.