Intruders would still need to download and run the necessary code before launching a symlink race, so this is more of a tool to facilitate an existing breach than start it. Researchers also noted that most of the vendors (including AVG, F-Secure, McAfee and Symantec) have fixed the bugs, some of them quietly.

This still leaves a few (currently unnamed) antivirus clients vulnerable, though. Rack911 also warned that taking advantage of the bugs was “trivial.” This could reduce the effectiveness of antivirus software and make malware that much more effective for attackers who know the bugs exist. You’ll want to update your security software, then, even if it’s just to reduce the potential damage should someone compromise your system.