Jonathan126

**Name of the Vulnerable Software and Affected Versions** Qi-ANXIN QAX Virus Removal versions prior to 2025-10-23 **Description** A weakness exists in Qi-ANXIN QAX Virus Removal. The issue is related to improper access controls that can be triggered by manipulating the `ZwTerminateProcess` function within the `QKSecureIO Imp.sys` library of the Mini Filter Driver component. The attack is limited to local execution. An exploit for this issue has been publicly released and could be used for attacks. The vendor was informed of this issue but did not provide a response. **Recommendations** Versions prior to 2025-10-23 should be updated. As a temporary workaround, consider restricting access to the `QKSecureIO Imp.sys` library to minimize the risk of exploitation.