Running any of these security suites? You could be in serious trouble

A good number of internet security suites carry worrying flaws that could leave users open to exploit, according to some new research.

Cybersecurity firm enSilo found no fewer than six common problems which affect over 15 different AV products, all of which derive from the errant implementation of code hooking (used to monitor operating system functions) and injection techniques.

Microsoft's Detours, the most widely used hooking engine, is affected.

Attackers can use these flaws to get around the exploit mitigations in Windows (or other apps), and the affected security suites include many of the major players such as AVG, Avast, Bitdefender, Kaspersky, McAfee, Symantec, Emsisoft and Webroot among others.

All of these antivirus makers have been informed, and some have moved to fix the issue in the last month, enSilo noted – without specifying any names. The bad news is that patching this one up involves recompiling the product in question, so it's far from a trivial fix.

Millions affected

It's not just security suites that are hit by this, either, as the Detours hooking engine is used by many software makers, so this flaw could affect a large number of other programs and potentially millions of users.

In a blog post, enSilo observed: "Most of these vulnerabilities allow an attacker to easily bypass the operating system and third-party exploit mitigations. This means an attacker may be able to easily leverage and exploit these vulnerabilities that would otherwise be very difficult, or even impossible, to weaponise.

"The worst vulnerabilities would allow the attacker to stay undetected on the victim's machine or to inject code into any process in the system."

The good news, such as it is, is that Microsoft has a patch to address this inbound for Detours next month. And hopefully security firms are on the ball with their own fixes – it might be a good idea to get in touch with your provider to check up on whether these issues have been addressed.

Update: We've heard from Webroot, with Eric Klonowski, Senior Advanced Threat Research Analyst, telling us: "Webroot has fully patched this vulnerability. enSilo contacted us about this vulnerability during the last week of December, and our team corrected it the following week. As security is our top priority, all Webroot customers received this update from the cloud immediately after release."

Via: PC World

Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).