Fortinet Discovers Avast Security Product Security Bypass Vulnerability
Summary
Fortinet's FortiGuard Labs has discovered Security Bypass vulnerability in Avast.
It has been discovered that Avast self-defense driver can be bypassed by user-mode program. It would allow adversary to disable critical product functionalities. The flaw resides in Avast's self-defense driver aswSp.sys which allows adversary to modify Avast protected registry key. By exploiting the vulnerability, attackers could have the product become completely nonfunctional or partially malfunction by disabling the product update.
Solutions
Users should apply the solution provided by Avast.
Additional Information
Following products and versions are affected.
 AVAST Free Antivirus 12.2.2276  and below
Timeline
Fortinet reported the vulnerability to Avast on August 19, 2016.
Avast confirmed the vulnerability on September 2, 2016.