Avast 4.8 plugs security hole
Version 4.7 of the avast virus scanner contains a security hole that allows local users to escalate their privileges on systems. The new version 4.8 fixes the flaw and adds anti-rootkit and anti-spyware functionality to the security software.
The vulnerability enables local users to access systems at system privilege level and is caused by flaw in the aavmker4.sys
driver. When processing IOCTL
input-output requests the driver does not adequately check user input, which can be exploited to overwrite arbitrary memory areas using specially crafted requests. Version 4.7.1098.0 and potentially earlier versions of the driver are affected, reports Tobias Klein in a security advisory.
Version 4.8 of avast was released this weekend and fixes the problem. Another major improvement is rootkit and spyware protection. The developers have also fixed numerous noncritical flaws listed in the vendor's changelog.
The new software version is free for home users and can now be downloaded from the vendor's web page. The aavmker4.sys
kernel driver fix is also distributed as an automatic update.
See also:
- avast! 4.7 aavmker4.sys Kernel Memory Corruption, security advisory by Tobias Klein
- avast! 4 Home/Professional Revision History, avast changelog
- Download the home user version of avast 4.8
(mba)