SP's: Avast was detected with a serious zero-day exploit by a Google security expert. The antivirus software was vulnerable to malicious HTTPS websites.
Antivirus Softwares are trusted heavily with the security of the computer system, especially in today’s times when the threat of viruses and malware is at the peak. Avast has been one of the best free antivirus software preferred by users in 2015, but the latest glitch in the threat detector has worried a few.
Google’s security expert Tavis Ormandy detected a zero-day exploit in the Avast antivirus, which could be identified when the users access the HTTPS connections on the Internet. This is the third zero-day exploit disclosed within an antivirus solution that too in the same month. Kaspersky and FireEye had already been detected with the vulnerabilities.
A zero-day vulnerability is a flaw or a void in the software that remains disguised even to the vendors until exposed by attackers or any security expert. Zero-day refers to the unknown nature of the problem.
Zero-day attacks are comparatively dangerous because the extent of the offense can’t be predicted since the void in the software is also unknown.
As we saw in Kaspersky zero-day exploit, an attacker was able to infiltrate the user’s computer and get access to system-level privileges and carry out all kinds of attacks with ease.
Similarly in FireEye’s zero-day exploit, an attacker could have been able to get unauthorized remote root file system access.
In Avast’s zero-day void, the attackers could be able to execute codes on the user’s computer when the victim would access a malicious HTTPS website. This was possible because Avast was using a faulty method for analyzing X.509 certificates as it screened through the encrypted traffic for threats.
However, zero-day vulnerabilities are not easily figured out and thus the chance of a serious outbreak lessens. In both Kaspersky and FireEye cases, major attacks were not reported and neither were in the Avast’s zero-day vulnerability.
Avast has announced that they have fixed the problem and there is no action required by the user thereby.
For more updates on security issues, stay updated with us.