Fortinet Discovers Multiple Denial-of-Service Vulnerabilities in AvastSvc Core Service
Fortinet's FortiGuard Labs has discovered Denial-of-Service vulnerability in Avast.
It has been discovered that Avast self-defense driver can be bypassed by user-mode program. It would cause denial-of-service in AvastSvc.exe. The flaw resides in Avast's self-defense driver aswSp.sys which allows adversary to inject arbitrary code in AvastSvc core service process that eventually results in AvastSvc.exe denial-of-service.
Users should apply the solution provided by Avast.
Following products and versions are affected.
AVAST Free Antivirus 12.2.2276 and below