Jump to content


Photo

Serious flaw Discovered in Avast's SafeZone Browser


  • Please log in to reply
No replies to this topic

#1 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,388 posts

Posted 06 February 2016 - 10:52 AM

The flaw could allow a malicious website to read cookies, stored passwords and local files.

http://www.pcworld.c...ne-browser.html

 

Several antivirus vendors have taken the open-source Chromium browser and created derivatives that they claim are more privacy-friendly and secure. Yet, at least two of them were recently found to have serious flaws that don’t exist in Chromium.

 

The latest example is the Avast SafeZone browser, internally known as Avastium, which is installed with the paid versions of Avast’s antivirus and security suites. Google Project Zero researcher Tavis Ormandy found a vulnerability that could allow an attacker to take control of Avastium when opening an attacker-controlled URL in any other locally installed browser.

 

After Ormandy reported the flaw on Dec. 18, Avast deployed a temporary fix that broke the attack chain. The company provided a complete fix Wednesday as part of Avast version 2016.11.1.2253.

 

Read the entire article at the link above.


Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005





Member of

Support SpywareInfo Forum - click the button
PayPal - The safer, easier way to pay online!