Skip to main content

New exploit uses antivirus software to help spread malware

One of the most basic rules of safe web browsing is to use antivirus software in order to keep your computer safe. While it’s a good idea to make use of such software, but a recently discovered exploit proves that even the best antivirus software is not fool proof.

Nicknamed AVGater by Austria-based security consultant Florian Bogner, the exploit takes advantage of the “restore from quarantine” function found on many antivirus programs. The concept behind the exploit is fairly simple one. It allows a user to move a piece of malware from the quarantined folder to somewhere else on the victim’s computer, allowing the malware to be executed.

Bogner uploaded a video that provides more information on how the exploit works.

Prime Day Focus
For Prime Day save big on Tineco's innovative smart cleaning gear
Prime Day: Beatbot’s best-selling pool vacuums are at lowest prices of the year
Roborock Prime Day shopping guide: Lots of options, which is right for you?
Ecovacs early Prime Day deals: Save big on top-rated smart home cleaners

Under normal circumstances, the restore from quarantine function would not allow a non-administrator to write a file to the computer’s C:\Program Files or C:\Windows folders, but this attack takes advantage of Windows’ NTFS function to grant the user access to these folders.

As impressive as this all sounds, there is one major flaw which will drastically limit the scope of this exploit. In order to do any of this, the hacker in question must physically be at the computer they wish to infect. Given that most malware is spread via the internet, it is unlikely that this exploit will cause major problems.

Enterprise computers could be the devices most at risk to this sort of attack. While we don’t see it being a widespread problem, it’s feasible that a disgruntled employee could decide to get a little revenge, though such cases are rather limited in nature; most people won’t risk their jobs or prison for such a stunt. That being said, Bogner offered a simple fix to this problem by simply disabling the remove from quarantine feature on enterprise computers.

In terms of antivirus programs, Bogner has notified the vendors of the various software which contain this flaw and many have already rolled out patches to fix this issue.

Exploits such as this are found from time-to-time, but that shouldn’t dissuade users from installing antivirus software as it remains one of the best, though not unquestioned, ways to keep a computer safe from malware and other issues.

Eric Brackett
Former Digital Trends Contributor
Do you need antivirus software on a Chromebook?
Chromebook on a table with a mouse and headphones

If you’re considering buying a Chromebook or have already made your purchase, you’re here because you want to know if you should invest in antivirus software for your new gadget. It's a common concern, especially considering how often these devices are used in education or corporate settings.

You’ll find varying opinions on whether or not you need an antivirus tool for a Chromebook. Some say that every computer should have such a tool no matter what, while others state that antivirus software is a waste of money when it comes to ChromeOS.

Read more
Does your Mac need antivirus software in 2024? We asked the experts
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

It’s an age-old question among Apple fans: Does your Mac need antivirus software? Traditionally, the popular answer has been no -- Macs have strong built-in protections, the argument goes, and antivirus apps can potentially slow down your computer. In the end, the trade-off didn’t seem to be worth it.

But is that still true today? After all, Macs are increasingly becoming a target of cybercriminals, with some Mac malware strains supposedly even being created by nation states. In that kind of situation, has the game changed?

Read more
Best Prime Day Apple deals in 2024: AirPods, MacBooks, iPads
Best Prime Day Deals

Prime Day 2024 is almost over. If you've been holding off buying an Apple product until some great Prime Day deals, then you'll be happy to know that this is your sign, and now is the time. Even better, it seems that Apple and other retailers are pulling out the stops when it comes to Apple's products, as we're seeing quite a few great deals across the board. We've collected some of our favorite deals below, but if you'd like to check out a few more options, be sure to check out these Prime Day MacBook deals, Prime Day smartwatch deals, and Prime Day headphones deals.
Today's best Apple deals

Amazon Prime Day 2024 is scheduled for July 16 and 17. We've rounded up our favorite Apple deals that are still available, but you're going to have to hurry with your purchase because we're not sure how much time is remaining on these offers. There is no guarantee they will last until midnight on Wednesday.

Read more