Unsolved
This post is more than 5 years old
5 Journeyman
•
15.6K Posts
•
45K Points
0
5091
November 24th, 2009 05:00
UNpatched memory corruption vulnerabilty in Avast
I am posting the following, since the information is freely available on the net. This vulnerability is not yet patched, meaning avast users can't do anything about it (until avast releases a patch). It is rated "less critical", so I would suggest that any avast users simply sit tight and wait it out --- i would NOT panic and drop avast for another anti-virus (which could have problems of its own)
The following was copied/pasted from http://secunia.com/advisories/37368/ (dated 17 November):
Description:
A [less critical] vulnerability has been discovered in avast! Home/Professional, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges.
The vulnerability is caused due to an error in aswRdr.sys when processing IOCTLs. This can be exploited to corrupt kernel memory via a specially crafted 0x80002024 IOCTL.
Successful exploitation may allow execution of arbitrary code with SYSTEM privileges.
The vulnerability is confirmed in avast! Home version 4.8.1356. Other versions may also be affected.
Solution:
Restrict local access to trusted users only.
NOTE: Avast is aware of the issue, and is currently working on a fix http://forum.avast.com/index.php?topic=51216.0
Evermore
2 Intern
•
338 Posts
0
November 24th, 2009 16:00
Thanks ky331 for the information. Let us know when the patch is available.
ky331
5 Journeyman
•
15.6K Posts
•
45K Points
0
November 25th, 2009 17:00
avast! 4 Home/Pro v4.8.1367 - November 25, 2009
Changes
* improvements in the malware URL blockers
* solved a vulnerability in aswRdr.sys (CVE-2009-4049)
http://avast.com/eng/avast-4-home_pro-revision-history.html
RIGHT-click on the Avast ball in your system tray, select Updating, and then Program Update.