Home Software AVG Web Tune Up Found Force Installing Vulnerable Plugin On Google...

AVG Web Tune Up Found Force Installing Vulnerable Plugin On Google Chrome – Users Under Threat


Google’s Project Zero Team Members were alarmed at what they discovered while at work.

They came to a conclusion that AVG Web Tune Up was not as secure as it was claiming to be.

Travis Ormandy, member of Project Zero team was the first to notice this.

After the team members were alerted, it was seen that AVG Web Tune up, which is generally added as a plug in to the Google Chrome Browser was making users vulnerable to attacks by hackers.

It was noted that the plugin was involved in making installations within the browser that were buggy; it did not allow the users to roll back the arrangement and returning to the normal settings that the browser had to offer.

This forceful installation was severely criticized by Google.

Apart from only adding itself to the browser, the plugin further adds to the vulnerability by making the users browsing history easily visible online, which is the exact opposite of what security measures are intended to do.

Anyone who was smart in this genre could easily know where to search for information and find it there.

This was the final cue for Google. They were forced to contact AVG on 15th December, 2015 and informing them of the issues that the browser was facing because of the faulty software.

The way the message was delivered by Google to AVG was rather harsh, but Google also mentioned that they could not help it, especially with 900 million of their users in potential danger.

They could not risk the fact that a simple code like this was going to let the cyber vandals spy on their email. Too much of these issues would put Google’s reputation at stake. AVG was urged to fix “this trash” by considering it to be their “highest priority”.

Discussions on these aspects ensued and it was evident that AVG admitted their error.

In a statement made to a certain news source, the cyber security firm confirmed that they were in gratitude of Google to be able to inform them of the flaws in their software.

Both Travis Ormandy and AVG officials confirmed that the fix for this bug had been made available for users online. The fix was tested to be working fine.

However, this did not prevent Google from barring installations from AVG software into the browser.

This appears to be the second time when AVG has come up with bugs and it would take some time for the two to develop a trust again.