Fortinet Discovers Multiple Denial-of-Service Vulnerabilities in AvastSvc Core Service
Fortinet's FortiGuard Labs has discovered Denial-of-Service vulnerability in Avast.
It has been discovered that Avast self-defense driver can be bypassed by user-mode program. It would cause denial-of-service in AvastSvc.exe. The flaw resides in Avast's self-defense driver aswSp.sys which allows adversary to inject arbitrary code in AvastSvc core service process that eventually results in AvastSvc.exe denial-of-service.
Users should apply the solution provided by Avast.
Following products and versions are affected.
AVAST Free Antivirus 12.2.2276 and below
This vulnerability was discovered by Wayne Low of Fortinet's FortiGuard Labs.