This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AVGator

I was reading about a new vulnerability in AV programs, AVGator.  In short, the attack works like this: A malicious file is delivered to the host, the AV catches the malicious file and quarantines the file, the attacker manipulates NTFS to restore the process, a DLL sideloading attack then launched, the malicious code is able to run as the system.

Six major AV vendors have fixed the issue; however, the issue has not been addressed by seven vendors.  Those seven vendors were not named in the article.  I'm curious if Sophos is vulnerable to this attack or not?  Or if Sophos is aware of the issue and is working on fixing it.

arstechnica.com/.../



This thread was automatically locked due to age.