Avast! dla Windows z poważną podatnością ataku XSS

In a Medium blog post, a security researcher highlighted an XSS vulnerability in the Avast Desktop Antivirus which he discovered earlier this year. According to his findings, an attacker could simply trigger the vulnerability with WiFi SSIDs. In brief, he found that a potential attacker could include a malicious payload into an SSID name. Then, if a Windows device running Avast antivirus would connect to this network, the antivirus would execute the XSS. The exploit basically worked due to a feature in the Avast antivirus program for Windows. By default, the program displayed a pop-up notification whenever the device attempts to connect to a WiFi network. As it used to display the SSID name without sanitization, it was possible for any potential attacker to inject a malicious payload into the SSID name, which would then execute. Following the script execution, the pop-up notification would then display a fake login prompt created by the attacker. Since the targeted user would see no URL, the victim would be more likely to believe it safe to enter their login credentials.

Avast! taki bezpieczny, a nie czekaj…