Tech

Your antivirus software was probably compromised until very recently

Researchers say a flaw identified in every major antivirus program could have turned the software against users and was "trivial" to exploit.

Blue circuit board closeup connected to a cpu with a glowing padlock symbol on top cybersecurity con...
Shutterstock

Antivirus software is supposed to work for you, not against you. But as researchers from Rack911 Labs found, a trivial flaw in antivirus applications could be exploited to trick the programs into deleting totally innocent files thinking they were malware. Some vendors have patched the flaw in response, while others have yet to do so.

According to a blog post, the vulnerability targets the way Windows and macOS allow anyone to link two file directories together even without admin privileges. Antivirus software works by performing a scan on new files within minutes and then quarantining or deleting ones deemed suspicious. Apparently, in the time between the initial scan and deletion, a malware developer could simply link the files for a suspicious download to another directory on your computer that isn't malicious. Then just like that, the antivirus software wipes out both thinking they're related to the same malicious download.

Antivirus programs have the highest level of system privileges, meaning a malware developer could target core operating system files and have them deleted, rendering your computer a paperweight.

A false sense of security — While Rack911 acknowledges that many major antivirus applications are now patched, its blog post was published more than six months before any provider did so. Which is to say, your antivirus software, like every other piece of software, is never 100 percent hack-proof. And you shouldn't be downloading files willy nilly just because you have the most up-to-date antivirus.

This isn't to say you shouldn't have antivirus software on your computer, because you should. It's just that cybersecurity is a constantly evolving game of cat-and-mouse and as long as operating systems are changing, new exploits will emerge that mean your antivirus is never going to be able to guarantee complete safety. And even the best antivirus is no match for reckless behavior.