December 10, 2015 08:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/RBRkSQ5EFlg/avg-mcafee-kaspersky-antiviruses-all-had-a-common-bug
AVG, McAfee, Kaspersky Antiviruses All Had a Common Bug
An anonymous reader writes: Basic ASLR was not implemented in 3 major antivirus makers, allowing attackers to use the antivirus itself towards attacking Windows PCs. The bug, in layman terms, is: the antivirus would select the same memory address space every time it would run. If attackers found out the memory space's address, they could tell their malicious code to execute in the same space, at the same time, and have it execute with root privileges, which most antivirus have on Windows PCs. It's a basic requirement these days for software programmers to use ASLR (Address Space Layout Randomization) to prevent their code from executing in predictable locations. Affected products: AVG, McAfee, Kaspersky. All "quietly" issued fixes.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/RBRkSQ5EFlg/avg-mcafee-kaspersky-antiviruses-all-had-a-common-bug
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot