A backdoor for attackers to exploit
Enthusiastic attackers are active since day zero, which led Avast to take a proactive step for buzzing them off. Tavis Ormandy, a security researcher at Google found this bug in Avast’s JavaScript engine on March 4th this year. Then he made a tool that analyzed the vulnerability and disclosed it to Avast for correction. The tool Ormandy invented back in 2017 was helpful for porting Windows DLL files into Linux. But this was also used now for finding a bug in Avast’s JavaScript engine, that could let any potential malware into the system. When he released this tool again on March 9th, Avast too appreciated him for making their vulnerability analysis simpler with it. An attack using this bug could be simpler than ever. An attacker would send an email to a person, with a JavaScript or WSH file that contains malicious code to run on PC. And when downloaded, it would grant the attacker with SYSTEM-level access for any major exploitations.
No patch yet? Let’s disable.
As of now, Avast hasn’t released any patch for this bug, instead decided to disable the entire JavaScript engine for a good cause. This is an extreme step, as it’s necessary for analyzing any JavaScript codes before being installed on the user’s PC. Further, there’s no timeline said by Avast too. This could be a fine step, as letting users be more suspicious about clicking on malicious links is better than letting attackers enter through a backdoor. Via: ZDNet
