Security researchers have discovered an exploit within an Antivirus software that takes advantage of the “restore from quarantine” function and allows a user to move a piece of malware from the quarantined folder to somewhere else on the victim’s computer, allowing the malware to be executed.
Commenting on the news is Javvad Malik, security advocate at AlienVault, who said:
This is not the first time we’ve seen evidence of attackers targeting security software directly in order to push malware or compromise clients. It is a reminder that IT security vendors need to pay as much attention to their own security as they do of their customers; if not more so. If compromising security software becomes a common occurrence, it could severely impact the confidence customers have in the entire market.