We depend on the antivirus tools to protect our systems from unwanted viruses and malicious threats. Though some are less effective in comparison to others, but we use them due to our system protection needs.
The leading cybersecurity solution and services company, Rack911 has revealed in a report that the ability to protect data or say protecting component stops working even before a threat gets neutralized. There are several antivirus programs, including Microsoft Defender, McAfee Endpoint Security, and Malwarebytes, which had or have bugs that would let attackers delete unnecessary files and manipulate certain file operations.
To resolve the issues, Rack911 Labs has come up with a unique and simple method of using directory junctions for Windows and symlinks for macOS and amp; Linux. It will enable every antivirus software into self-destructive tools.
The researchers have noted that most of the vendors (including F-secure, McAfee, AVG, and Symantec) have fixed the bugs. But, there are still a few antivirus programs that are left vulnerable. The report by Rack911 said that taking advantage of the antivirus software was a smart move.
The report says, “The goal of this disclosure was not to name and shame vendors, but to bring attention to how easy it was to leverage the antivirus software to become destructive tools. It is our goal that not just antivirus vendors, but all software vendors check their code for potential directory junction and symlink style attacks; they are so easy to perform and as demonstrated on this page, can be incredibly dangerous!”
It is suggested to update your security software at the earliest to troubleshoot and reduce the potential damage rather than bearing with a compromised system.