Security products and solutions must be constantly updated as they are not exempt from exposure to exploitable vulnerabilities. According to a report from information security experts, the developers of the popular QuickHeal antivirus were informed about a critical vulnerability that would expose millions of users in business, industrial and home environments. As if that weren’t enough, the company has implemented a flawed mitigation process, which does not guarantee the protection of users.
The impact of exploiting this flaw depends on how the vulnerable product and engine are used within the QuickHeal customer organization. In addition, information security experts mention that gateway products (email, HTTP proxy, among others) could scan a malicious file incorrectly, allowing it to pass as a legitimate file.
According to information security specialists, the antivirus software would not be able to detect any client-side code or sample contained in the ISO file, so no suspicion would be raised, even if the tool knows exactly what to look for.
As mentioned at the beginning of the article, QuickHeal developers showed serious shortcomings in coordinating the response to this security flaw. While the official version states that the vulnerability has been fixed since November 2019, the firm never revealed further details about this process, such as the affected products or the remediation method.
According to the International Institute of Cyber Security (IICS), the main recommendation for administrators of affected deployments is to contact QuickHeal directly to verify that their products have been updated as reported by representatives of the firm.
The reports also revealed that Seclist.org specialists were responsible for disclosing the flaw to QuickHeal, which in turn asked them to keep the matter confidential, at least until the security flaw was corrected. However, the firm cut off all contact with the researchers after receiving the report.
The International Institute of Cyber Security says that the latest QuickHeal update was released in the last days of February. It is hoped that this update includes the fix for this flaw, although the antivirus developers did not confirm anything.