All I did was to submit the report to the attention of the forum. It is a very plausible scenario and any such report should be given some credence. It would not surprise me that it is not a problem with Avast but until I see justified statements to that effect, I am not going to be complacent. I note that Agnitum Outpost Security Suite and Panda Security are not said to be a problem. This does not surprise me since neither checks on security certificates. I know that Avast Free does and so I seek authoritative reassurance that Avast, especially Avast Free AV, is not afflicted with the problem.
My understanding is that the issue is that some security products make themselves proxies for https certification when that apparently should be the responsibility of the browser. I note that on my Windows 7 system on which Avast Free 11.2.2262 is installed, the browsers (Google Chrome and Mozilla Firefox) do attribute the certificates to authorities that are not Avast so I guess that Avast is not culpable. It would be a relief to me to be sure that this is so since I have installed Avast Free as the malware protection of preference on a number of Windows computers used by friends and relatives. They do online transactions so the matter is of direct concern to me.
I am by no means knowledgeable on the subject of web security but am aware of its vital importance.