Trend Micro is urging users to update their anti-virus software following the discovery of a bug in its scanning software that might be misused to either crash vulnerable systems or load malware.

The flaw, which involves a buffer overrun security bug in the UPX parsing component of both enterprise and consumer versions of Trend's software, can be resolved by updating the UPX parsing algorithm of the software by applying virus pattern file 4.245.00 or higher. Corrected updates also provide generic detection of malformed UPX (compressed) files.

Anti-virus products designed to keep users safe from virus attacks have themselves fairly frequently become an increasing source of security bugs. For example, during 2005 security vendor ISS has issued alerts over similar but distinct vulnerabilities in various security packages from Symantec, involving the processing of UPX compressed files; and anti-virus products from F-Secure and Trend Micro, both involving the handling of ARJ archive files.

Last month, admins upgrading to the latest version of McAfee's VirusScan Enterprise reported problems with client applications of Lotus Notes, in some cases requiring IT administrators to reinstall the email program. ®

Related stories

• CA in malformed archives malware risk (7 June 2007)
• Comment Fear and Loafing at RSA (9 February 2007)
• McAfee upgrade plays nasty with Lotus Notes (23 January 2007)
• Kaspersky in heap-based buffer overflow vuln (4 October 2005)
• Sophos bug highlights wider anti-virus flaws (29 July 2005)
• Symantec false alert floors Macs (10 May 2005)
• Update PC-cillin killed my PC (25 April 2005)