A zero-day attack called Double Agent can take over antivirus software on Windows machines and turn it into malware. The attack is based on a 15-year-old feature in Windows from XP through Windows 10. Two out of 14 antivirus vendors that have been notified have taken steps to deal with the problem. Double Agent takes advantage of a quirk of Microsoft Application Verifier, a tool that detects and fixes bugs in native applications. It’s unlikely to be removed anytime soon, Cybellum CEO Slava Bronfman says.”]
Source: https://www.csoonline.com/article/3183429/double-agent-attack-can-turn-antivirus-into-malware.html