You’d normally expect antivirus software to improve your web browser’s security, but just the opposite was true for AVG1 until today. The company has fixed2 an exploit in its protective Chrome extension, WebTuneUp, that would let maliciously-coded websites compromise your PC to a “trivial” degree. It could read your email on the web, for example.
AVG was quick about fixing the issue within days of getting a heads-up from Google, but there is a real concern that millions of people were vulnerable for considerably longer.
The discovery reinforces worries that antivirus makers are struggling to keep up3 with security issues, whether it’s shielding you from attacks or vulnerabilities in their own code4.
Simply put, there’s a ton of malware out there — it’s difficult to promise a completely airtight security solution, even if it’s a relatively simple web add-on.
References
- ^ AVG (www.engadget.com)
- ^ has fixed (code.google.com)
- ^ struggling to keep up (www.engadget.com)
- ^ in their own code (www.engadget.com)
The post AVG's Chrome security add-on had a big security hole appeared first on News4Security.