Tag: antivirus

4 articles

Avira: Deserialize, Delete and Escalate - The Proper Way to Use an AV

Date Tue 03 March 2026
Author Lucas Laise
Category Vulnerability

Three vulnerabilities in Avira Internet Security, from an arbitrary file delete primitive to two distinct paths to SYSTEM privileges.

Read article

Intego X9: Why your macOS antivirus should not trust PIDs

Date Thu 26 February 2026
Author Mathieu Farrell
Category Vulnerability

This blog post dives into the most common classes of macOS Local Privilege Escalation vulnerabilities, from time-of-check to time-of-use (TOCTOU) Race Conditions and insecure XPC communications to a range of implementation and configuration oversights. We will explore how attackers can exploit these weaknesses to escalate privileges, and highlight real-world examples to illustrate recurring patterns.

Read article

Intego X9: When your macOS antivirus becomes your enemy

Date Tue 10 February 2026
Author Mathieu Farrell
Category Vulnerability

This blog post dives into the most common classes of macOS Local Privilege Escalation vulnerabilities, from time-of-check to time-of-use (TOCTOU) Race Conditions and insecure XPC communications to a range of implementation and configuration oversights. We will explore how attackers can exploit these weaknesses to escalate privileges, and highlight real-world examples to illustrate recurring patterns.

Read article

K7 Antivirus: Named pipe abuse, registry manipulation and privilege escalation (CVE-2025-67826)

Date Tue 02 December 2025
Author Lucas Laise
Category Vulnerability

Exploitation of the K7 antivirus (CVE-2025-67826), from the vulnerability discovery to the retro-analysis of its key components.

Read article