All the software we use every day is vulnerable to security vulnerabilities, including our operating system and computer software. However, the really dangerous thing is when these vulnerabilities affect your computer's antivirus software, as happened to one of the most commonly used on the Internet.
We're talking about Bitdefender Antivirus Free 2020, where SafeBreach researchers have discovered a serious vulnerability that allows the hacker to take full control of your computer. The vulnerability is that the antivirus program loads the DLL into memory that has no protection, so it cannot verify that the file belongs to the company.
With this, any hacker can create its own DLL file and inject it into the program, known as DLL hijacking. In addition, DLL files are loaded every time the antivirus program or computer is restarted, so that the code is injected into the program as if it were static, and it is almost impossible to detect it.
Because of this vulnerability, the attacker can gain full access to the computer and its files with administrator permissions, so that it is able to exclude the applications it wants so that the antivirus software does not detect other more dangerous malware. In this case, installing Bitdefender is more dangerous than installing Windows Defender, because an antivirus program has been modified and controlled by a hacker, as if we had nothing installed to protect us.
0 Comments