Bugtraq mailing list archives
Re: AVG 7 granting Everyone Full Control to updated files... even its drivers
From: Matti Haack <m.haack () haack-it de>
Date: Wed, 8 Mar 2006 12:52:56 +0100
Grisoft issued a fix for the Problem, wich installs with the latest Update: --- AVG Anti-Virus Update --- (03/08/2006) ******************************** ** AVG Anti-Virus 7.1 ** ******************************** --- information about Update --- Update Summary: * fix for the too relaxed permission after the update * changes in scanning core, mainly new generic getection of some polymorphic viruses and support for more run-time compression algorithms * ability to set up exclusions for the detection of potentially unwanted programs * in firewall, ability to define new global rules and to step back firewall configuration Update your AVG Anti-Virus 7.1 using one of the following methods: - Use the Update feature in AVG Anti-Virus 7.1 to perform your update - select "Internet", and AVG will prompt you with the update files appropriate for your installation. - Use the appropriate link from below to download the Update file to your hard drive. Then access the Update feature in AVG Anti-Virus 7.1 - select "Folder" and indicate the location of the Update file which you have downloaded. Update file for all Program versions (size 4094665 bytes): http://www.grisoft.cz/softw/70/update/u7fwf3845z.bin Update file for all Program versions (size 6974519 bytes): http://www.grisoft.cz/softw/70/update/u7f3845z.bin Update file for all Program versions (size 1378218 bytes): http://www.grisoft.cz/softw/70/update/u7hlpf3795z.bin Update file for all Program versions (size 2638096 bytes): http://www.grisoft.cz/softw/70/update/u7lngextf3785z.bin All available Update files, including previous versions, may be found at the following link: http://www.grisoft.com/update/index.php?lng=com -- GRISOFT
There is more here: http://www.dslreports.com/forum/remark,15601404
Basically, a first time install of AVG 7 will have default permissions. \Program Files\Grisoft\AVG Free has inherited permissions from \Program Files. This is preferred, because lower privileged accounts can't damage it.
Once any files are updated, the permissions are changed to "Everyone" with "Full Control" on the updated files, and will change the owner to whomever is logged in. Even limited users become owners. That does not stop at \Program Files\Grisoft\AVG Free, it will even do that to AVG's drivers in %windir%\system32\drivers.
- Matti Haack - Hit Haack IT Service Gmbh Poltlbauer Weg 4, D-94036 Passau +49 851 50477-22 Fax: +49 851 50477-29 http://www.haack-it.de Dieses Dokument ist ausschliesslich fuer den Adressaten bestimmt. Jegliche Art von Reproduktion, Verbreitung, Vervielfaeltigung, Modifikation, Verteilung und/oder Publikation dieser E-Mail-Nachricht ist untersagt, soweit dies nicht ausdruecklich genehmigt wurde. Jegliche Haftung fur Ansprueche, die aufgrund der Kommunikation per E-Mail begruendet werden koennten, ist ausgeschlossen, soweit der Haftungsausschluss gesetzlich zulaessig ist. -- Ausgehende E-Mail wurde auf Viren gescannt --
Current thread:
- AVG 7 granting Everyone Full Control to updated files... even its drivers redxii1234 (Mar 04)
- Re: AVG 7 granting Everyone Full Control to updated files... even its drivers Matti Haack (Mar 08)