A worrying flaw in almost all antiviruses

Due to a large vulnerability, 28 antivirus products on the market can be returned to destroy files essential to the functioning of the operating system. Whether with Windows, macOS or Linux, no OS is spared.

Norton, McAfee, Eset, BitDefender, Kaspersky, Avira, F-Secure, Sophos, Microsoft, FireEye, Panda, Norton, Avast, WebRoot, Comodo Too many privileges, at least 28 security solutions from market no longer see the threat and can be returned to harm the computer .

This is in any case revealed by a report published by the security researchers of Rack911 , a company located in Las Vegas in the United States. Even if they have mostly corrected fire since discovery, all these security solutions suffered from a vulnerability which could lead to the deactivation of the antivirus or to the deletion of files essential for the proper functioning of theoperating system . Windows, macOS, Linux , none of these systems are spared the vulnerability of their antivirus when it is present.

Administrator rights returned against the system

The fault is subtle and finding it was quite improbable. The team worked around the existing links between different files. The system is called “symbolic link” and allows to point a file to another. If a hacker manages to introduce a file deemed malicious by the antivirus, it will then delete it or quarantine it.

Let us admit that the file in question managed just before neutralization to create symbolic links pointing to files essential to the functioning of the system and even of the antivirus. The latter will then also delete or isolate them, even if they are files with a high level of protection. It is indeed because of its protection mission that the antivirus has almost all rights to move or delete contaminated files , even the most essential.

In the end, at best, with the antivirus disabled, it would be possible to leave the door open to any pest, or to “crash” the operating system to the point of rendering it unusable.