Avast antivirus is a reputed name in the field of security. The firm has just taken an extreme step to safeguard its users from potential attacks. A bug that was found in the service’s JavaScript engine would let attackers exploit victims by remote code execution attacks. Therefore, Avast disabled its JavaScript scanner until a solution is ready to patch it.

A backdoor for attackers to exploit

Enthusiastic attackers are active since day zero, which led Avast to take a proactive step for buzzing them off. Tavis Ormandy, a security researcher at Google found this bug in Avast’s JavaScript engine on March 4th this year. Then he made a tool that analyzed the vulnerability and disclosed it to Avast for correction.

Avast Disables its JavaScript Engine Until an Internal Bug is Patched
Avast Disables its JavaScript Engine Until an Internal Bug is Patched

The tool Ormandy invented back in 2017 was helpful for porting Windows DLL files into Linux. But this was also used now for finding a bug in Avast’s JavaScript engine, that could let any potential malware into the system. When he released this tool again on March 9th, Avast too appreciated him for making their vulnerability analysis simpler with it.

An attack using this bug could be simpler than ever. An attacker would send an email to a person, with a JavaScript or WSH file that contains malicious code to run on PC. And when downloaded, it would grant the attacker with SYSTEM-level access for any major exploitations.

No patch yet? Let’s disable.

As of now, Avast hasn’t released any patch for this bug, instead decided to disable the entire JavaScript engine for a good cause. This is an extreme step, as it’s necessary for analyzing any JavaScript codes before being installed on the user’s PC. Further, there’s no timeline said by Avast too. This could be a fine step, as letting users be more suspicious about clicking on malicious links is better than letting attackers enter through a backdoor.

Avast on taking this step said, “We have fixed this by disabling the emulator, to ensure our hundreds of millions of users are protected from any attacks. This won’t affect the functionality of our AV product, which is based on multiple security layers.”

Via: ZDNet


Please enter your comment!
Please enter your name here