QuickHeal antivirus is not that quick when fixing its vulnerabilities. Critical flaws affect enterprise and home environments

Security products and solutions must be constantly updated as they are not exempt from exposure to exploitable vulnerabilities. According to a report from information security experts, the developers of the popular QuickHeal antivirus were informed about a critical vulnerability that would expose millions of users in business, industrial and home environments. As if that weren’t enough, the company has implemented a flawed mitigation process, which does not guarantee the protection of users.

The impact of operating this fault depends on the use of the vulnerable product and the engine within the QuickHeal customer organization. In addition, information security experts mention that gateway products (email, HTTP proxy, among others) could allow a malicious file to be scanned incorrectly, posing as a legitimate file. 

According to specialists in information security, the antivirus software would not be able to detect any client-side code or sample contained in the ISO file, so no suspicions would be generated, even if the tool knows exactly what to look for. 

As mentioned at the beginning of the article, QuickHeal developers showed serious shortcomings in coordinating attention to this security flaw. While the official version mentions that the vulnerability was fixed since November 2019, the firm never revealed further details about this process, such as the affected products or the remediation method. 

According to the International Institute of Cyber Security (IICS), the main recommendation for affected deployment managers is to contact QuickHeal directly to verify that their products have been updated as reported by representatives of the firm. 

The reports also revealed that Seclist.org specialists were responsible for disclosing the flaw to QuickHeal, which in turn asked them to keep the matter confidential, at least until the security flaw was corrected. However, the firm cut off any contact with investigators after receiving the report. 

The International Institute of Cyber Security says that the latest QuickHeal update was released in the last days of February. It is hoped that this update will include the most fixed of this flaw, although the antivirus developers did not confirm anything.