Update your AntiVirus software and you won't have to worry

Subject: General Tech | December 10, 2015 - 01:37 PM |
Tagged: security, avg, Kaspersky, mcafee

To reverse the usual order, the good news is that AVG fixed the issue a while ago, as have Intel, owner of McAfee, as well as Kaspersky.  The bad news is that this exploit is rather nasty and was completely avoidable with a bit of forethought.  Of all the programs to follow a predictable pattern, AV software is the last one you would want to see do so.  There is a tool over at github to allow you to check your own vulnerability.  Personal machines should be good to go but as The Register mentions, at least one Enterprise level AV program is vulnerable and those definitions are often updated along a different path that consumer level products. 

Chances are you are safe, but you should probably double check.

McAfee_VirusScan1.png

"In March, researchers at security firm enSilo found a serious flaw in popular free antivirus engine AVG Internet Security 2015. They found that the software was allocating memory for read, write, and execute (RWX) permissions in a predictable address that an attacker could use to inject code into a target system."

Here is some more Tech News from around the web:

Tech Talk

 

Source: The Register