Tech content trusted by users in North America and around the world
7,246 Reviews & Articles | 52,555 News Posts

AVG Chrome extension had a huge security hole, patched just in time

AVG just patched a huge security hole that they found in their Chrome add-on before it could become blown out of proportion and used nefariously
By: Jeff Williams | Hacking & Security News | Posted: Dec 30, 2015 12:32 am

One of AVG's Chrome addons, Web TuneUP had a security hole that your could drive a tank into, something that could potentially let websites with malicious code in their CSS take control of your PC, though only in a trivial manner.




The exploit was originally found by Google, who reported it to AVG to have fixed. The initial fix wasn't quite good enough, so they just pushed out a new fix that seems to solve the issue. That being said, it still seems to be vulnerable to XSS attacks, though that should be fixed soon as well.


One generally thinks that antivirus companies are a bit more scrupulous and careful when designing their applications, but this mistake, and a mostly glaring one, calls to question the type of quality control and examination goes on before things go live. But it's best to fly without any addons, because all addons can potentially be security risks. Browse safe!


Related Tags

Got an opinion on this news? Post a comment below!