-
```
A component of Kaspersky Internet Security that’s enabled by default is
called the “Network Attack Blocker”, described as “protects the computer
against dangerous network activity”. I examined t…
-
```
One component of Avast Antivirus is called "Sandbox". As you might guess, it's
a proprietary application sandbox for Windows. Avast describes it as "[...]
lets you run apps, download files, and …
-
```
A component of Kaspersky Internet Security that’s enabled by default is
called the “Network Attack Blocker”, described as “protects the computer
against dangerous network activity”. I examined t…
-
```
When Kaspersky https inspection is enabled, temporary certificates are created
in %PROGRAMDATA% for validation. I observed that the naming pattern is
{CN}.cer.
I created a certificate with CN=…
-
```
When Kaspersky https inspection is enabled, temporary certificates are created
in %PROGRAMDATA% for validation. I observed that the naming pattern is
{CN}.cer.
I created a certificate with CN=…
-
```
The ACL on %PROGRAMDATA%\Kaspersky Lab allows BUILTIN\Users to create new
files. This can be abused to create new plugins and modules during update, and
other filesystem races to gain elevated p…
-
```
When a user installs AVG AntiVirus, a Chrome extension called "AVG Web TuneUp"
with extension id chfdnecihphmhljaaejmgoiahnihplgn is force-installed. I can
see from the webstore statistics it ha…
-
```
The ACL on %PROGRAMDATA%\Kaspersky Lab allows BUILTIN\Users to create new
files. This can be abused to create new plugins and modules during update, and
other filesystem races to gain elevated p…
-
```
When a user installs AVG AntiVirus, a Chrome extension called "AVG Web TuneUp"
with extension id chfdnecihphmhljaaejmgoiahnihplgn is force-installed. I can
see from the webstore statistics it ha…
-
```
http://www.ubuntu.com/usn/usn-2581-1/
---
Tavis Ormandy discovered that NetworkManager incorrectly filtered paths
when requested to read modem device contexts. A local attacker could
possibly use…