The first advice that security experts and laymen alike give to computer users is as old as time: install antivirus software. This simple piece of advice is meant to help users who would otherwise be left completely unprotected against the many dangers of the Internet, especially considering that many people have no idea about things like cyber-attacks and malware.
Unfortunately, attackers are often very ingenious. As if to demonstrate that ingenuity, we now have what a security researcher has dubbed “AVGater”. AVGater is a vulnerability that takes advantage of many popular antivirus services including Kaspersky and Malwarebytes.
This vulnerability works by relocating malware that has already been quarantined into a different folder that the attacker can choose. As such, an attacker could purposefully infect a system and then move their malware into a folder that otherwise would have been nearly impossible to penetrate, such as the Windows folder.
Though the aforementioned antivirus services and four more have already fixed this vulnerability, there are seven more known services that are still vulnerable.
Florian Bogner, the Austrian researcher who discovered the vulnerability, has already demonstrated its effectiveness in penetrating systems and taking them over, along with all kinds of information that they might hold.
Fortunately, Bogner has been working with the antivirus services in order to fix this vulnerability and explain exactly how the exploit works. Currently, he is in talks with additional companies though he would not disclose which in order to protect their systems.
What this vulnerability has so obviously demonstrated once more is that there is virtually no impenetrable system in the world.
Of course, this does not mean that most people should not trust their antivirus systems. On the contrary, the vast majority of users would be left entirely unprotected if not for the work of such systems.
Even though vulnerabilities like this will continue to happen in the future, antivirus companies almost always respond extremely quickly to fix their systems against such attacks and spend a lot of time and resources ensuring that their services are as secure as they can humanly be.
In fact, it is a very probable truth that Windows Defender alone, which comes as default in most versions of Microsoft’s latest OS, has stopped millions of computers from being infected with malicious code.
Some common sense is also necessary when surfing the internet, though the average Joe is obviously not expected to protect themselves against attacks of this caliber.