Sandeep Kumar Singh

**Name of the Vulnerable Software and Affected Versions** Quick Heal Total Security versions prior to 12.1.1.27 **Description** A Time of Check - Time of Use (TOCTOU) issue allows a local attacker to achieve privilege escalation, potentially leading to deletion of system files. This is achieved by exploiting the time between detecting a file as malicious and when the action of quarantining or cleaning is performed, and using the time to replace the malicious file with a symlink. The vulnerability may follow a symlink that was created after a malware check. **Recommendations** For versions prior to 12.1.1.27, update to version 12.1.1.27 or later to resolve the issue. As a temporary workaround, consider restricting access to system files to minimize the risk of exploitation. Avoid using the `symlink` feature in the affected software until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Quick Heal Total Security versions prior to 12.1.1.27 **Description** A DLL hijacking issue allows a local attacker to achieve privilege escalation, leading to execution of arbitrary code. This occurs because the installer does not restrict the search path for required DLLs and does not verify the signature of the DLLs it tries to load. **Recommendations** For versions prior to 12.1.1.27, update to version 12.1.1.27 or later to resolve the issue. As a temporary workaround, consider restricting the search path for required DLLs during installation to minimize the risk of exploitation.