The recently discovered exploit proves that even the best and popular Antivirus solution is not foolproof. The new exploit known as AvGator is created by a security consultant named Florian Bonger. As we know, several antivirus software provides the feature to quarantine files. This feature is useful for users because it gives users the option to restore the quarantined files whenever they want. With the latest Exploit AvGator, hackers can mishandle the “restore from Quarantine” feature to gain full access to victims computer. Well, by default, a user without admin privileges can’t perform write operations in C:\Windows or C:\Program Files folders.
However, the new AvGator exploit allows users to bypass all those restrictions by abusing the Windows NTFS directory junctions. So, a user can restore quarantined files to a new location to infect the whole system. But, the attack also has some downside like it can be only performed by a user having physical access to victim’s computer. Therefore, it looks nearly impossible to carry on this type of attacks and having a proper security solution will add the extra layer of security. Florian Bonger informed all antivirus provides about the AVGator exploit. Some antivirus providers have released an update to fix this AVGator exploit. So, what do you think about this? Share your views in the comment box below.