Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: REDACTED on January 27, 2015, 07:57:21 PM
-
Hi Avast, I would like to provide a small warning about Avast NG's depedency (Virtualbox.)
The CVE is: CVE-2015-0377
I have been monitoring the NVD for the week and noticed that there is a CVE for Oracle Virtualbox (The system embedded into Avast NG.)
There has been an emergency update from Oracle. The exploit details can be found at: https://www.us-cert.gov/ncas/bulletins/SB15-026
The Patch information can be found at http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
I couldn't find a direct email to send this message to anyone. I thought this might be the best place to warn you.
Thanks
Oliver
-
Moderator notified. :)
-
Thanks for report, CVE-2015-0377 affects only VBox up to version 4.2.28. Avast 2015 is using VBox 4.3.16.
Hi Avast, I would like to provide a small warning about Avast NG's depedency (Virtualbox.)
The CVE is: CVE-2015-0377
I have been monitoring the NVD for the week and noticed that there is a CVE for Oracle Virtualbox (The system embedded into Avast NG.)
There has been an emergency update from Oracle. The exploit details can be found at:
The Patch information can be found at
I couldn't find a direct email to send this message to anyone. I thought this might be the best place to warn you.
Thanks
Oliver
-
@Spec8472,
Thanks for the info and reassurance that we are safe. :)
-
Thanks for report, CVE-2015-0377 affects only VBox up to version 4.2.28. Avast 2015 is using VBox 4.3.16.
Hi Avast, I would like to provide a small warning about Avast NG's depedency (Virtualbox.)
The CVE is: CVE-2015-0377
I have been monitoring the NVD for the week and noticed that there is a CVE for Oracle Virtualbox (The system embedded into Avast NG.)
There has been an emergency update from Oracle. The exploit details can be found at:
The Patch information can be found at
I couldn't find a direct email to send this message to anyone. I thought this might be the best place to warn you.
Thanks
Oliver
Thanks for clarifying, Glad we are not affected!