Skip to main content

'Almost all' cybersecurity tools have major security issues

(Image credit: Image Credit: Sergey Nivens / Shutterstock)

Almost all major cybersecurity tools (opens in new tab) could be exploited to give attackers elevated privileges on a target machine.

This is according to a new report from cybersecurity firm CyberArk, which claims that “probably every Windows machine out there” has at least one software that can be abused to gain elevated privileges.

Most of the time, claims CyberArk, privileged access can be achieved through file manipulation attacks.

Further, anti-malware products appear to be a lot more vulnerable to exploitation than other types of software, due to the fact they need greater access in order to function.

The sheer number of bugs found in anti-malware products (opens in new tab) is “staggering”, CyberArk says, but many of which can be removed with relative ease.

Among the most popular flaws, the researchers singled out the default DACLs of the C:\ProgramData directory, shared log file bugs, creating an installation directory upfront, as well as using an old installation framework.

“The implications of these bugs are often full privilege escalation of the local system. Due to the high privilege level of security products, an error in them could help malware to sustain its foothold and cause more damage to the organization,” explained CyberArk’s Eran Shimony in a blog post (opens in new tab).

"The exploits that were presented here are easy to implement, but also easy to patch against. We have seen that blocking symlink attacks or blocking the load of malicious DLLs require only a small touch-up in the code. Knowing that, AV vendors should be able to eliminate this widespread bug class.”

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.