Has a fix voor AVGater been released for F-Security Anti Virus? Can't find it anywhere.
Hi Micha and Ukko,
We are aware of this and are currently in the midst of investigation. We will get back to you with more information once the investigation is over.
Sorry for my reply. I'm also only F-Secure user (their home solutions).
Only after your topic - I decided to look for AVGater and based on description of it (and some examples of use):
--> Does it should be fix for ?! what part of design?
Looks like that this kind of 'vulnerability' more valid for those solutions where users do able to use quarantine/restore with user's rights (or do not able to write files with certain directories). F-Secure do ask Administrators rights (UAC-prompt) for restore/allow quarantined file (or even for Open quarantine).
Except 'official' page about AVGater -> another URL was article for Microsoft's opinion:https://blogs.technet.microsoft.com/mmpc/2017/11/13/avgater-vulnerability-does-not-affect-windows-defender-antivirus/
Where they claimed that Windows Defender is not affected (as example). But I'm not sure that I understand their concern properly (because I able to suspect that maybe Windows Defender do not allow to restore with such situation).
--> But if about 'ability' to use mklink (as example) for re-target (directory junction) "quarantined-file's folder" to any other folders (for example, F-Secure folder); And then to restore quarantined file -> most likely it should work and file will be placed under F-Secure folder (like if you place it by own steps).
.. not sure about autoload files/libraries at loading system (even just ability to restore with such situation - maybe is not always good).
Did you have more experience about this?
Hi, thanks for your kind reply!
I was asking because I havent read anything about it from F-Secure, and they are being mentioned in some articles about AVGater. Not an AV expert, but I am curious
m1cha wrote:Hi, thanks for your kind reply! I was asking because I havent read anything about it from F-Secure, and they are being mentioned in some articles about AVGater. Not an AV expert, but I am curious CheersMicha
So... I feel it's good that you informed F-Secure! And will be nice to receive their statement about it.