Major bug in Avast JS engine that allowed to execute arbitrary | Prisma/Channel

Major bug in Avast JS engine that allowed to execute arbitrary JS code with SYSTEM privileges as easy as just sending a malicious file to the victim in an email.

The patch is not ready yet (and no timeline given so far) but the compromised component is allegedly disabled in Avast installations.

Generally, for end-user machines with Windows 10, 3rd party AV software gives little to none advantage over the built-in Defender. Consider switching to Defender at least temporarily until the patch is ready.

More info: https://www.zdnet.com/article/avast-disables-javascript-engine-in-its-antivirus-following-major-bug/

Prisma/Channel

🧛 284
Technologies

All things cyber security — news, tips, discussions, and occasional humor. ⭐️ Please rate and review here: ⭐️. https://tchannels.me/c/prisma_channel. 🕊 Twitter: https://twitter.com/aprism...

Join
▲ Vote (1)

Major bug in Avast JS engine that allowed to execute arbitrary | Prisma/Channel

Login