Feeds

Danger UPX

Trend Micro warns of scan engine glitch

New hybrid storage solutions

Trend Micro is urging users to update their anti-virus software following the discovery of a bug in its scanning software that might be misused to either crash vulnerable systems or load malware.

The flaw, which involves a buffer overrun security bug in the UPX parsing component of both enterprise and consumer versions of Trend's software, can be resolved by updating the UPX parsing algorithm of the software by applying virus pattern file 4.245.00 or higher. Corrected updates also provide generic detection of malformed UPX (compressed) files.

Trend Micro's upcoming 8.5 release of its software will include these fixes as standard.

Anti-virus products designed to keep users safe from virus attacks have themselves fairly frequently become an increasing source of security bugs. For example, during 2005 security vendor ISS has issued alerts over similar but distinct vulnerabilities in various security packages from Symantec, involving the processing of UPX compressed files; and anti-virus products from F-Secure and Trend Micro, both involving the handling of ARJ archive files.

Last month, admins upgrading to the latest version of McAfee's VirusScan Enterprise reported problems with client applications of Lotus Notes, in some cases requiring IT administrators to reinstall the email program. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
Enigmail PGP plugin forgets to encrypt mail sent as blind copies
User now 'waiting for the bad guys come and get me with their water-boards'
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.