Original URL: http://www.theregister.co.uk/2005/02/11/f-secure_patch/
Patch now against virus-writing clowns
F-Secure vuln is no laughing matter
Posted in Security, 11th February 2005 16:58 GMT
F-Secure yesterday urged users of its anti-virus products to apply security patches following the discovery of a potentially serious security vulnerability in 18 of its products. The security bug - unearthed by security researchers at ISS - involves flaws in the processing of ARJ archive files by an antivirus library that give rise to possible buffer overflow attacks. Desktop, server (Linux and Windows) and gateway versions of F-Secure's security products all need attention.
"We urge all affected users to apply the patch, before some clown virus-writer tries to exploit it," said Mikko Hyppönen, director of anti-virus research at F-Secure. "This hole is related to a bug in our routine that unpacks ARJ archive files. The bug would allow an attacker to execute code when his ARJ file is scanned."
Update details are here [1]. ISS's alert is here [2]. Earlier this week ISS issued an alert over a similar but distinct vulnerability involving 30 security packages from Symantec. In that case, the vulnerability stemmed from a flaw in an antivirus scanning component involving the processing of UPX compressed files. ®
