A security researcher has discovered a flaw in antivirus software that actually spreads malware.
When antivirus software discovers malware it quarantines it, keeping the computer save from infection.
The flaw however, potentially enables hackers to remove the malware from the quarantine folder and move it onto the computer.
Exploiting this bug is technically complex and it does require a hacker to be physically at the same location as the computer.
However, in a large networked environment, for instance an office with hundreds of computers on the same network, if one computer is compromised it’s certainly possible to infect other machines on the network.
You’re safe with BullGuard
The researcher who discovered the flaw
, Florian Bogner, has notified antivirus companies that have software which contains the vulnerability.
Apparently most of these vendors have issued updates that fix the issue. Some of these reportedly include Emisoft, Ikarus, Kaspersky, Malwarebytes, Trend Micro and ZoneAlarm.
BullGuard users are not affected by the vulnerability, because BullGuard designed all its products architecture and processes to protect against such issues.
Importance of updates
The discovery of this potential compromise illustrates the importance of always applying updates, whether it’s to antivirus programmes, operating systems or other types of software.
It also underlines how software by definition is innately complex and as result, the need to practise good security is important, whether it’s running AV software, protecting your Wi-Fi network
or simply being aware of phishing techniques used by cyber fraudsters.
However, it is ironic that antivirus software, designed to protect, has a vulnerability which if exploited could infect computers.
It does happen occasionally; the important thing is that vendors patch the flaw as soon as it is discovered.