Researchers from the security company SentinelOne have struck again! After revealing critical security flaws in a Dell computer driver and in printer drivers for Windows, they have just revealed two flaws that affect Avast and AVG antivirus.
These two flaws, called CVE-2022-26522 and CVE-2022-26523, concern the aswArPot.sys driver responsible for fighting against rootkits and which has privileges equivalent to those of the Windows kernel. By exploiting these flaws, hackers can therefore execute code with elevated privileges. They can also cause the operating system to crash with the display of a blue screen of death (BSOD).
SentinelOne researchers have only just made the existence of these flaws public, but alerted Avast as early as December 20, 2021. The good news is that the publisher discreetly deployed a patch on February 8, 2022. So , if your Avast antivirus is old, you must update it.
Also see video:
On the other hand, Avast and SentinelOne do not agree on the age of the flaws, which have been present since version 12.1 of the program. According to SentinelOne, this version dates from January 2012 while history from Avast indicates a launch in June 2016. Either way, the flaws have been present for at least six years and have affected, according to SentinelOne, tens of millions of users. On the other hand, security researchers do not yet know if they have been exploited by hackers.
Source : Sentinel One