Google research reveals critical flaw in ESET virus scanners expose




A Google security researcher has discovered a critical vulnerability in the antivirus company ESET. Attackers can exploit the bug in the so-called mini-filter at a distance to get unnoticed full access to a system.

Mini filter in various ESET software, including antivirus and security packages, is designed to intercept the data traffic to and from a hard disk or SSD and analysis. In addition, code is emulated if it is feasible, and can be watched by the ESET software or the code is or is not dangerous. According to Google researcher Tavis Ormandy is the mini filter but not solid enough, allowing an attacker by I / O traffic to generate a system of malicious code can be started. Because this is hardly noticeable and no user interaction is needed is a system to attack silently and remotely take over.

On Windows systems, according to Ormandy attackers can gain administrator rights because access to the process ekrn.exe can be obtained. On OS X and Linux systems esets the daemon can be taken which has root privileges.

Ormandy says he leak in the ESET security software with only a few days’ work on the track and came to abuse. He has also published an exploit. Slovak ESET has released on June 22 updates for the affected software, which should resolve the issue.

Update, Thursday, 23/07: ESET announced the leak three days after giving the notice poem.


Tags: , , , , , , ,

In: Technology & Gadgets Asked By: [15519 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »