Security Blog

Vulnerability in windows antivirus products (IK-SA-2017-0001)

The protection of users and the quality assurance of our products are of highest importance to IKARUS. Transparent communication and the trust of our customers as well.
Therefore we publish information for the identification and elimination of potential vulnerabilities, which are affecting our software packages.

An independent security researcher has reported serious security vulnerability in a module of our Windows Anti-Virus software to Beyond Security’s SecuriTeam Secure Disclosure program.

This vulnerability could be exploited to allow attackers to execute unauthorized code on affected systems. At the moment there is no active use of this exploit. A bug-fix version is already available.

In order to ensure the security of our software and customer systems, we recommend that you update immediately to the latest version of our software.

Please forward this information to the responsible people in your company so they can implement this necessary update quickly.

For the exact details please see the following technical description:

A Remote Code Execution vulnerability was found in all our windows antivirus products.
The issue affects the update process of binaries (executable modules).

Severity: Critical
Successful exploitation of this issue would allow an attacker to remotely execute code in the client machine with elevated privileges.

Products affected:
All windows AV products with updater version <= 1.5.90

Available updates:
Updater versions >= 1.5.91


IKARUS is thankful for the information for the identified security gap. It has allowed our development team to respond quickly and to overcome the challenge on time.


© 2018 IKARUS Security Software GmbH