Avast pulls plug on insecure JavaScript engine in its security software suite

Code interpreter ran with admin-level access, not sand-boxed, potentially open to remote-code execution

Avast has disabled a component in its Windows anti-malware suite that posed, ironically enough, a significant security risk."