A zero-day attack called Double Agent can take over antivirus software on Windows machines and turn it into malware that encrypts files for ransom, exfiltrates data or formats the hard drives.

Based on a 15-year-old feature in Windows from XP through Windows 10, the attack is effective against all 14 vendors’ antivirus products tested by security vendor Cybellum – and would also be effective against pretty much every other process running on the machines.