Top Antivirus brands were vulnerable security affairs

AVG, McAfee and Kaspersky were vulnerable to critical security flaws. enSilo security experts have found critical security vulnerabilities in several antivirus products that attackers could use to turn the antivirus software into an attack-enabling tool.
A few of the top antivirus brands have had a sudden surprise: the antivirus software they provide to their clients was affected by several complex security vulnerabilities that could be exploited to hack computers.
enSilo security researchers have found various serious vulnerabilities in popular antivirus products such as AVG, McAfee and Malwarebytes. In March, the researchers discovered flaws in AVG Security 2015. They found that the AVG software was allocating memory with read, write and execute permissions at a predictable address. An attacker could exploit this memory address to inject and execute malicious code on a targeted computer.
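The flaw described above can be looked for defensively by enumerating memory regions and flagging read-write-execute pages that turn up at the same base address in several processes. The following is an added example, not enSilo's tool or code from the original article; the input row format, the process names and all addresses are constructed assumptions.

```python
# Added illustration, not enSilo's tool: find RWX regions that sit at the same
# base address in several processes (the "predictable address" pattern).
from collections import defaultdict

PAGE_EXECUTE_READWRITE = 0x40  # Windows protection constant for RWX pages

# Constructed sample rows: (pid, process name, region base, protection flags).
# Assumption: on a live host these would come from a memory-region enumerator;
# every address and process name below is made up.
SAMPLE_REGIONS = [
    (1200, "browser.exe", 0x5A000000, 0x40),
    (1200, "browser.exe", 0x02A40000, 0x04),   # read/write only
    (3344, "reader.exe",  0x5A000000, 0x40),
    (3344, "reader.exe",  0x1F350000, 0x40),   # RWX, but only in one process
    (5120, "editor.exe",  0x5A000000, 0x140),  # RWX with a modifier bit set
    (5120, "editor.exe",  0x00400000, 0x20),   # read/execute only
]


def rwx_regions(regions):
    """Keep regions whose base protection (low byte) is read+write+execute."""
    return [r for r in regions if (r[3] & 0xFF) == PAGE_EXECUTE_READWRITE]


def predictable_rwx(regions, min_processes=2):
    """Return {base: [process names]} for RWX bases shared by several processes."""
    by_base = defaultdict(set)
    for pid, name, base, _prot in rwx_regions(regions):
        by_base[base].add((pid, name))
    return {
        base: sorted(name for _pid, name in procs)
        for base, procs in by_base.items()
        if len(procs) >= min_processes
    }


if __name__ == "__main__":
    for base, names in predictable_rwx(SAMPLE_REGIONS).items():
        print(f"RWX region at fixed base {base:#010x} in: {', '.join(names)}")
```

A hit only shows that some module maps RWX memory at a fixed address in those processes; identifying which product is responsible still requires further analysis.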
enSilo researchers reported the vulnerabilities to AVG, which fixed the flaws promptly, within a couple of days. The enSilo experts then decided to test other security software, including Sophos and McAfee. They found that Kaspersky Total Security 2015 was also affected by the vulnerability. Listed below are the security products affected by the vulnerabilities discovered by the enSilo experts:
enSilo has discovered vulnerabilities in the following top antivirus brands, and will continue updating this list of vulnerable antivirus products as it receives more information.
McAfee VirusScan Enterprise version 8.8. The vulnerability appears in their anti-malware + add-on modules, scan engine version (32 bit) 5700.7163, Buffer overflow, DAT version 7827.0000, Access Protection DAT version 659, installed patches: 4. enSilo notified Malwarebytes technical support about the vulnerability and they silently fixed the flaws by releasing patches.
Kaspersky Total Security 2015 – enSilo notified Kaspersky about the vulnerability and they silently fixed the flaws by releasing patches in September 2015.
AVG Internet Security 2015 – enSilo notified Kaspersky about the vulnerability and they silently fixed the flaws by releasing patches in March 2015.
The researchers planned to analyze other products and update readers about the status of their security software. enSilo Vice President Tomer Bitton posted in his blog: “we will continue updating this list as we receive more information”. “Mentioned that it is a repetitive coding problem amongst antivirus products, we believe this vulnerability also appears in other products, non-security related, such as application performing products.”

Google security expert Tavis Ormandy posted on his blog about similar vulnerabilities in Kaspersky software. In his blog post he detailed how the security problems can be exploited. Given the gravity of the problem and its widespread nature, he has created a checking tool called A Vulnerability Checker that lets users check whether their computer is vulnerable.
“Considering the gravity of the problem and widespread nature, we have created a tool – A Vulnerability Checker – that checks whether an application running in your computer is vulnerable to flaws. If vulnerable, the tool will not be able to tell you which application contains flaws, but it will point out where to start analysis”.
enSilo researchers said “McAfee and Kaspersky have already fixed the security issues by releasing patches”.