AVG Toolbar Makes Internet Explorer Users Vulnerable to Attack

July 7, 2014 | By Kevin Judge
1 Star2 Stars3 Stars4 Stars5 Stars

According to a report from Homeland Security, the AVG Secure Search toolbar includes an ActiveX control that provides several unsafe methods that could allow a remote, unauthenticated attacker to execute arbitrary code with the privileges of the user. That means they can download whatever they want onto your computer and take control of it. Ironically, the toolbar is intended to protect you from malware.

This vulnerability appears to impact Internet Explorer users only. Topically, a hacker will trick a user into going to an html page or opening a document that will download malicious code. This is a so-called “drive-by-download” and is a common method to deliver malware that enables the hackers to commit financial fraud against the victim.

AVG Secure Search is a toolbar add-on for web browsers that includes an ActiveX control called ScriptHelperApi, provided by ScriptHelper.exe. This control does not enforce restrictions on which sites may invoke its methods. Any website can invoke the methods exposed by the ScriptHelper ActiveX control. The control is excluded from the Internet Explorer Protected Mode sandbox and by passes the Explorer opt-in safeguard.


Users with the AVG toolbar should either remove it or upgrade to the latest version immediately.

Be Sociable, Share!

    Add new comment

    Your name

    You may use these HTML tags and attributes: <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>


    What Hidden Threats LurkOn Your Endpoints?

    Get complete security from known and unknown threats from Comodo Endpoint Protection

    free threat scan