CVE-2019-17093

Name of the Vulnerable Software and Affected Versions Avast antivirus versions prior to 19.8 AVG antivirus versions prior to 19.8

Description A DLL Preloading vulnerability allows an attacker to implant %WINDIR%system32wbemcomn.dll, which is loaded into a Protected Process Light (PPL) and might bypass some of the self-defense mechanisms. This affects all components that use WMI, e.g., AVGSvc.exe and TuneupSmartScan.dll.

Recommendations For Avast antivirus versions prior to 19.8, update to version 19.8 or later. For AVG antivirus versions prior to 19.8, update to version 19.8 or later. As a temporary workaround, consider restricting access to the vulnerable components that use WMI, such as AVGSvc.exe and TuneupSmartScan.dll, until a patch is available.