Update 9/22/2017: Avast representative has made the following statement:
“We believe that these users are safe now as our investigation indicates we were able to disarm the threat before it was able to do any harm. We estimate that 2.27 million users had the affected software installed on 32-bit Windows machines.”
The estimated users impacted is far less than the original two billion impacted.
Malware Included in Recent CCleaner Update
CCleaner, a popular computer maintenance program that is used to clear cookies, temporary internet files, and browsing histories included malware in two of its recent versions. The impacted users are those who downloaded the 1.07.319 and 5.33 versions of CCleaner. The malicious versions of the program have been available since August 15, 2017. It is currently projected, two billion malicious downloads occurred.
Bleeping Computer reported,
“The malware collected information such as computer name, a list of installed software, a list of running processes, media access control (MAC) addresses for the first three network interfaces, and unique IDs to identify each computer in part. Researchers noted that the malware only ran on 32-bit systems. The malware also quit execution if the user was not using an administrator account.”
Not only was malware included in the update, but a malicious backdoor was left open leaving the ability for additional malware to execute. However, to date, additional malware has not exploited this vulnerability.
If you are currently running CCleaner, please confirm which version is installed on the device. It is recommended users update the program to the version 5.34 immediately. The malware included in versions 1.07.319 and 5.33 is within the the particular version of the program– therefore, updating to version 5.34 or higher will remove the malware.
The program, is distributed through Piriform, a company recently acquired by the security solution Avast. To access the latest version 5.34 of CCleaner, you may go to Piriform’s forums, available here.