Trend Micro squashes buffer overflow bug
PrintMinor problem affects popular AV packages
Posted in Anti-Virus, 12th December 2002 09:28 GMT
Free whitepaper – Avoiding 7 common mistakes of IT security compliance
Trend Micro has issued a fix to address buffer overflow vulnerabilities within popular versions of its anti-virus software packages.
The bug, within the POP3-proxy of PC-cillin and OfficeScan, came to light during evaluations of various antivirus products by Joel Soderberg of Swedish security firm Texonet last month.
Texonet contacted Trend regarding the problem and the AV vendor released a fix yesterday.
While buffer overflow vulnerabilities are always serious - particularly when they effect security software packages - the big mitigating factor her is that the flaw can only be exploited by a local intruder, according to Trend.
If a haXor has access to your machine, crashing AV packages as a means to introduce malicious code onto your box is probably the least of your problems. Trend describes the problem as minor and says none of its customers have reported being affected by the issues.
Nonetheless Trend recommends users apply its fix through applying a service pack (details of which can be found here.) ®
Free whitepaper – Avoiding 7 common mistakes of IT security compliance
Analyst Keynote: The Register Agile Data Center Summit
What Exchange can't do - and Dell can
Enabling The Agile Data Center
Analyst Keynote: The Register Agile Data Center Summit
Breaching Fort Apache.org - What went wrong?
Snow Leopard security - The good, the bad and the missing
US Dems fill inboxes with 419 scams
BlockMaster SafeStick hardware-encrypted USB drive