Avast’s Piriform Releases Security Update for CCleaner
by CIRT Team
Description: Piriform, a subsidiary of Avast, has released CCleaner 5.34 and has pushed v1.07.3214 to CCleaner Cloud users. These versions do not contain the Floxif malware found in the 32-bit versions of CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191
Impact: An unauthorized modification of the CCleaner.exe binary resulted in an insertion of a two-stage backdoor capable of running code received from a remote IP address on affected systems. An attacker who successfully exploited the vulnerability could take control of an affected system.
Mitigation: Updates are available. Please check specific vendor advisory for more information.