CVE-2018-7289

Name of the Vulnerable Software and Affected Versions Armadito version 0.12.7.2

Description An issue in the Armadito windows driver allows malware with filenames containing pure UTF-16 characters to bypass detection. The user-mode service fails to open the file for scanning after converting Unicode to ANSI, as characters that cannot be converted are replaced with '?' characters.

Recommendations For Armadito version 0.12.7.2, consider implementing a workaround to handle filenames with UTF-16 characters properly, such as manually checking for malware in files that fail to open for scanning, until a patch is available.