Symlink Security Bug Detected in 28 Antivirus Apps

Have you ever imagined a computer system without an antivirus suite? Sounds terrifying right. Well, the newly detected Symlink security bug has the capacity to neutralize and cease the overall working of an antivirus.

A good security system keeps our system secure from malicious malware, PC threats, and digital crimes, but cybercriminals have found a way to bypass all your security walls with Symlink. The deadly bug has the power to make your antivirus program useless.

As per the findings of security research at Rack911 Labs, the security bug has the capacity to turn off popular security suites including Kaspersky, AVG, Avast, Norton, and many more. It has the power to turn these tools into dangerous applications.

What is the Working Style of an Antivirus?

In broader terms, the actual use of an antivirus program is to protect your system from malicious malware and viruses.

Whenever you download a file and save it on the hard drive, your security device performs a system scan to check the health of the downloaded file. If an infection is detected it notifies the users.

The detected files are usually placed next to the legitimate files, which marks the root cause of system vulnerabilities and loopholes, a researcher at  Rack911 told in his statement. In addition to this, he also stated that Symlink race vulnerabilities the malicious files placed on your system start executing harmful actions on the licit files.

These bugs attach themselves to higher-privilege and approved files and result in EoP attacks (Elevation-Of-Privilege).

The Symlink bug is intelligently designed to detect and remove all necessary files essential for the normal functioning of your antivirus program. This means once these bugs get a place in your system, then they can remove various OS files and make your security program dead and ineffective.

Cybersecurity experts have quoted in their research that “The security bug is extremely harmful and can exploit multiple devices. It can also remain unidentified and hidden from the eyes of expert researchers for a long time”.

The biggest thing to worry about is its capacity to infect seasoned security tools and advanced operating systems like macOS, Windows, and Linux.

Patch Rolled Out

After all the tension, you can not take a sigh of relief as most of the infected antivirus tools have managed to fix the bugs but a few tools remain vulnerable to the Symlink bugs.

There is no official announcement by the security researchers in this area. So, all we can do is trust them and go by their words.