-
```
Kaspersky requested that I start sending them raw fuzz output, in order to more
rapidly get reports. I agreed, and sent them the first batch of crashes after
verifying they all reproduced with t…
-
```
When you install TrendMicro Antivirus on Windows, by default a component called
Password Manager is also installed and automatically launched on startup.
http://www.trendmicro.com/us/home/produc…
-
```
The ACL on %PROGRAMDATA%\Kaspersky Lab allows BUILTIN\Users to create new
files. This can be abused to create new plugins and modules during update, and
other filesystem races to gain elevated p…
-
```
The FireEye MPS (Malware Protection System) is vulnerable to a remote code
execution vulnerability, simply from monitoring hostile traffic. FireEye is
designed to operate as a passive network ta…
-
```
A component of Kaspersky Internet Security that’s enabled by default is
called the “Network Attack Blocker”, described as “protects the computer
against dangerous network activity”. I examined t…
-
```
Kaspersky requested that I start sending them raw fuzz output, in order to more
rapidly get reports. I agreed, and sent them the first batch of crashes after
verifying they all reproduced with t…
-
```
A component of Kaspersky Internet Security that’s enabled by default is
called the “Network Attack Blocker”, described as “protects the computer
against dangerous network activity”. I examined t…
-
```
When a user installs AVG AntiVirus, a Chrome extension called "AVG Web TuneUp"
with extension id chfdnecihphmhljaaejmgoiahnihplgn is force-installed. I can
see from the webstore statistics it ha…
-
```
When Kaspersky https inspection is enabled, temporary certificates are created
in %PROGRAMDATA% for validation. I observed that the naming pattern is
{CN}.cer.
I created a certificate with CN=…
-
```
When a user installs AVG AntiVirus, a Chrome extension called "AVG Web TuneUp"
with extension id chfdnecihphmhljaaejmgoiahnihplgn is force-installed. I can
see from the webstore statistics it ha…