Avast WEBforum

Other => Non-Avast security products => Topic started by: polonus on January 21, 2020, 10:38:48 PM

Title: Security hole in Bitdefender's scan-engine based av-solutions.
Post by: polonus on January 21, 2020, 10:38:48 PM

Where specially crafted RAR-files makes av-solutions won't scan that specific malcode.
It goes under the radar.

This issue is with av solutions that make use of Bitdefender's scan-engine, like Bullguard, G Data, Emisoft.

Read: https://blog.zoller.lu/p/from-low-hanging-fruit-department.html
https://www.centos.org/forums/viewtopic.php?t=65285

Others that make use of Bitdefender's engine:
Auslogics Antivirus
e-Scan,
IObit Advanced SystemCare with Antivirus 2013
F-Secure,  (no longer using - thanks, Pondus  ;)
Hauri (ViRobot)
Imen,
Immunet,
Lavasoft Total Security,
MultiCore Antivirus
Qihoo 360,
RadialPoint,
Roboscan Internet Security
SafeNSoft,
SecurityCoverage,
SourceNext,
SurfRight,
TrustPort,
VirusChaser,
Zenok.
AV-Defender

Question - Is avast av also vulnerable?

Second time after the BZIP-file issue malcoded RAR-files fool av-scanners.

polonus

Title: Re: Security hole in Bitdefender's scan-engine based av-solutions.
Post by: Pondus on January 22, 2020, 01:50:55 AM

Quote

Others that make use of Bitdefender's engine:
Auslogics Antivirus
e-Scan,
IObit Advanced SystemCare with Antivirus 2013
F-Secure,
...................
...................
...................

F-Secure moved to Avira engine in 2018/2019

Title: Re: Security hole in Bitdefender's scan-engine based av-solutions.
Post by: polonus on January 26, 2020, 05:29:47 PM

Many more av solutions could meet with such 0-day disasters inside their software...as trendmicro has recently:

But it is really scaring when you are being attacked by a zero day inside the av-solution that should protect you.
How harsh? Read: http://www.mitsubishielectric.co.jp/news/2020/0120-b.pdf
Re: https://success.trendmicro.com/solution/000151730 & https://twitter.com/kterashita/status/1219425905262526464

polonus