Fix for AVGater

m1cha
m1cha Posts: 6 Observer

Hello,

 

Has a fix voor AVGater been released for F-Security Anti Virus? Can't find it anywhere.

Comments

  • Ukko
    Ukko Posts: 3,611 Superuser

    Hello,

     

    Sorry for my reply. I'm also only F-Secure user (their home solutions).

     

    Only after your topic - I decided to look for AVGater and based on description of it (and some examples of use):

     

    --> Does it should be fix for ?! what part of design?

    Looks like that this kind of 'vulnerability' more valid for those solutions where users do able to use quarantine/restore with user's rights (or do not able to write files with certain directories). F-Secure do ask Administrators rights (UAC-prompt) for restore/allow quarantined file (or even for Open quarantine).

    Except 'official' page about AVGater -> another URL was article for Microsoft's opinion:
    https://blogs.technet.microsoft.com/mmpc/2017/11/13/avgater-vulnerability-does-not-affect-windows-defender-antivirus/

    Where they claimed that Windows Defender is not affected (as example). But I'm not sure that I understand their concern properly (because I able to suspect that maybe Windows Defender do not allow to restore with such situation).

     

    --> But if about 'ability' to use mklink (as example) for re-target (directory junction) "quarantined-file's folder" to any other folders (for example, F-Secure folder); And then to restore quarantined file -> most likely it should work and file will be placed under F-Secure folder (like if you place it by own steps).

    .. not sure about autoload files/libraries at loading system (even just ability to restore with such situation - maybe is not always good).

     

    Did you have more experience about this?

     

    Thanks!

  • m1cha
    m1cha Posts: 6 Observer

    Hi, thanks for your kind reply!

     

    I was asking because I havent read anything about it from F-Secure, and they are being mentioned in some articles about AVGater. Not an AV expert, but I am curious :)

     

    Cheers

     

    Micha

  • Ukko
    Ukko Posts: 3,611 Superuser

    m1cha wrote:

    Hi, thanks for your kind reply!

     

    I was asking because I havent read anything about it from F-Secure, and they are being mentioned in some articles about AVGater. Not an AV expert, but I am curious :)

    Cheers

    Micha


    Hello,

     

    So... I feel it's good that you informed F-Secure! And will be nice to receive their statement about it. :)

This discussion has been closed.