Quick Heal Internet Security Uncontrolled Search Path Element Vulnerability
We found that the Quick Heal Installer Downloader (
QuickHealInternetSecurity.EXE) and Quick Heal Installer (
QHISFT32.EXE) application uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actor.
This vulnerability is called as Insecure Library Loading also known as DLL Hijacking attack.
- Quick Heal Internet Security 10.1.0.316 and prior
- Quick Heal Total Security 10.1.0.316 and prior
- Quick Heal AntiVirus Pro 10.1.0.316 and prior
- 9 June 2016 – Reported to vendor
- 11 June 2016 – Received acknowledgement from vendor
- 1 August 2016 – Patch released
Ashfaq Ansari – Project Srishti – Payatu Technologies