漏洞类别:Local
漏洞等级: 
漏洞信息
AVG is an antivirus and security tool.
A code injection vulnerability, called DoubleAgent, affects AVG Antivirus which allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any AVG process.
The products mentioned do not use the Protected Processes feature, and which can allow an attacker to enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry. The self-protection mechanism is used to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products. The mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack.
Affected Versions:
1) AVG Ultimate 17.1 (and earlier)
2) AVG Internet Security 17.1 (and earlier)
3) AVG AntiVirus FREE 17.1 (and earlier)
漏洞危害
Successful exploitation of the vulnerability may allow an attacker to:
1) Turn the Antivirus into a malware.
2) Modify the Antivirus internal behavior.
3) Abuse the Antivirus trusted nature.
4) Encrypt all files or format the computer's hard drives.
5) Cause a Denial of Service.
解决方案
Customers are advised to download the latest version of AVG Antivirus.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论