![]() Users of CCleaner 5.33 are urged to immediately update (opens in new tab) to the latest CCleaner 5.34 version. Previous research has showed that the overwhelming majority of security bugs would be rendered useless if people would use Standard/Limited accounts instead of Administrator accounts by default. Talos added that right now very few antivirus programs can even catch the CCleaner malware: only one antivirus engine out of 64 was able to detect it (ClamAV).įinally, it’s always a good idea to use a Standard/Limited account on your Windows PC by default, as opposed to using an Administrator account. Talos also showed that anti-exploit technology can be quite useful in situations where antivirus software cannot, as Malwarebytes has also said in the past. Additionally, if updates are automatic, the damage could be much larger, as we saw with the NotPetya attack.Īutomatic updates may still be a net win for users because of how many patches to exploitable bugs could reach users faster than otherwise, but it also means that developers of software with automatic updates should take the security of their update servers that much more seriously. What we can learn from this situation is that attackers seem to be increasingly targeting developers of popular software as a way to more easily infect millions of users at once. ![]() Other factors limiting the potential impact were the fact that the malware was only bundled with the 32-bit version of the software, as well as the malware only activating on Windows accounts with administrator privileges. If they were, we may have seen orders of magnitude more users being infected. However, there are a few factors that limited the number of infections, one of which is that for users of the free version of CCleaner, updates are not automatic. Potential ImpactĬCleaner had 130 million active users at the time of the Avast acquisition, and it continues to gain millions of users every week. The Talos team believes it may have more to do with an attacker compromising Avast’s development and signing process for the CCleaner application and recommended that this certificate be immediately revoked and untrusted going forward.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |