Re: [Full-disclosure] Avast Antivirus

On Tue, 17 Jan 2012, Floste wrote:


Avast Antivirus also comes with sandbox and a "SafeZone". But both can
be circumvented using simple dll-injection and they seem to do nothing
about it:

Maybe this post here will encourage them to fix it.

In my understanding a sandbox is not supposed to prevent you from getting
in from the outside but from escaping from the inside. So if a sandboxed
process injects a DLL in say a running IE process outside -- then we are
talking about vulns

bye, ju

Juergen Schmidt Chefredakteur heise Security
Heise Zeitschriften Verlag, Karl-Wiechert-Allee 10 , D-30625 Hannover
Tel. +49 511 5352 300 FAX +49 511 5352 417 EMail ju@xxxxxxxxx
GPG-Key: 0x38EA4970, 5D7B 476D 84D5 94FF E7C5 67BE F895 0A18 38EA 4970

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -