NCC Advises on Automatic Updates of Antiviruses to Avoid Vulnerabilities

Francis Francis

Francis Francis

The Nigerian Communications Commission (NCC) has advised telecom consumers and other Information and Communications Technology (ICT) end users on the need to always enable automatic update features for AVAST and AVG antiviruses to prevent potential cyber vulnerabilities.

This was contained in a new advisory released by the Computer Security Incident Response Team (CSIRT), the cybersecurity centre for the telecom sector established by the Commission, in continuation of its resolve to always keep Nigerians safe in the cyber space.

The advisory noted that cyber vulnerability in AVAST and AVG Antiviruses can lead to attacks on millions of devices with high impact in terms of consequences to the ICT user. The threat types as a result of this vulnerability are Bypass Authentication, Remote Code Execution and Unauthorised Access while consequences range from Privilege Escalation, Bypass Security Products, Overwrite System Components and corrupting the Operating System.

According to CSIRT, researchers at SentinelOne security firm have discovered two potentially damaging vulnerabilities in AVAST and AVG antivirus products that allow attackers to escalate privileges enabling them to disable security products, overwrite system components, corrupt the operating system, or perform malicious operations unimpeded.

“Two vulnerabilities identified as CVE-2022-26522 and CVE-2022-26523 targeted the “Anti Rootkit” driver of Avast antivirus (also used by AVG) allowing an attacker with limited privileges on the targeted system to execute code in system mode (kernel mode) and take complete control of the device. Moreover, the vulnerabilities allow complete take-over of a device, even without privileges, due to the ability to execute code in kernel mode,” the CSIRT said in the advisory.

However, the cybersecurity centre has offered a tripartite measures that should be taken by Internet/ICT users to prevent being vulnerable to the cyber threats. They include enabling automatic update feature for AVAST and AVG antiviruses, upgrading AVAST and AVG antiviruses to version 22.1.2504, as well as carrying out regular patch management.

Our motto is: ‘We stand for the truth, irrespective of who tells it’. Driven by this philosophy, our aim has been to create a platform where every voice, every narrative – provided they are decently expressed –  is allowed expression. Our belief is that by promoting unfettered competition of ideas, the truth will eventually emerge. Obviously, doing this while resisting any temptation to be captured by any special interest or tendency makes survival as an online newspaper more challenging. This is why we will appreciate any support from our readers:

Bank details:

Account Name: The News Chronicle
Bank: UBA
Account No.: 1022603956 (Naira)

Domiciliary Account  – dollar-denominated:
Bank:  UBA
Account Number: 3002835294 ($)

Please email details of your bank transfer to: publisher@thenews-chronicle.com or send them by WhatsApp to: 07058078841

Professor Jideofor Adibe

Publisher

Leave a Reply

Your email address will not be published.

Follow Us For More

Related Posts

ADVERTISEMENT

What's New?

ADVERTISEMENT

Recommended