CDRInfo Forum CDRInfo Forum

Forums  Register  Login  My Profile  Inbox  Address Book  My Subscription  My Forums 

Photo Gallery  Member List  Search  Calendars  FAQ  Ticket List  Log Out

F-Secure Flaw Opens Door To Intruders !   Logged in as: Guest
Viewers: 1205 You can click here to see Today's Posts | Most Active Topics | Posts Since Last Visit
  Printable Version
All Forums >> [News Around The Web] >> Security News >> F-Secure Flaw Opens Door To Intruders ! Page: [1]
Login
Message << Older Topic   Newer Topic >>
F-Secure Flaw Opens Door To Intruders ! - 2/12/2005 3:43:03 PM   
SiliconFreak


Posts: 12103
Joined: 7/4/2003
From: Melbourne, Victoria, AUS
Status: offline
F-Secure has released a patch for a serious flaw in its antivirus products, the second time this week a security company has warned of a risk in its software.

The security hole in the antivirus library affects 18 products for desktops, servers and gateways, with the network products at "critical" risk, F-Secure said in a bulletin Thursday. By creating a specially crafted ARJ archive file, an intruder could use a buffer overflow to run arbitrary code on an unpatched machine, said Tony Magellanez, a systems engineer at F-Secure.

"At this point, it's a theoretical exploit," Magellanez said, noting that Internet Security Systems, which discovered the flaw, had not provided F-Secure with an example of malformed ARJ code. "ISS gave us details of how it could be done, and we created a patch."

The vulnerability could enable intruders to spy on confidential company information, ISS said in its advisory. It noted that several large vendors and Internet security providers use the antivirus library in their products.

F-Secure is urging all customers to apply the patch. Magellanez said businesses with managed security could use the policy manager to automatically send the update to individual users' machines. The fix has already been distributed to ISPs so they can get it out to members, Magellanez said.

On Tuesday, security software maker Symantec alerted its customers to a vulnerability in its own antivirus library, also found by ISS. The scanning software flaw, which affects the majority of Symantec's antivirus and antispam products, could cause a virus to execute, rather than catch it.

Internet Security Systems could not immediately provide a representative to comment on the issue.


Source : CNET News
Post #: 1
RE: F-Secure Flaw Opens Door To Intruders ! - 2/12/2005 6:42:31 PM   
MP3Mogul


Posts: 5743
Joined: 4/11/2002
From: Retired Moderator
Status: offline
This is why it is so "IMPORTANT" to keep your program's and definitions updated! As long as you use LiveUpdate with Norton, everything is okay, it's already fixed.


_____________________________



LG GSA H22L Firm 1.02
Samsung SH-203N Firm SB01
LiteOn SOHD-16P9S Firm FS0D

(in reply to SiliconFreak)
Post #: 2
RE: F-Secure Flaw Opens Door To Intruders ! - 2/13/2005 4:35:26 PM   
SiliconFreak


Posts: 12103
Joined: 7/4/2003
From: Melbourne, Victoria, AUS
Status: offline
Correct!

Also Mcafee has everything as it should be...so who cares about F-Secure...

(in reply to MP3Mogul)
Post #: 3
RE: F-Secure Flaw Opens Door To Intruders ! - 2/15/2005 10:34:25 PM   
Cooler

 

Posts: 411
Joined: 5/1/2003
From: Finland
Status: offline
With F-Secure posing so many problems, it's only matter of time, before someone classifies it as malware.


_____________________________

Quae dant, quaque negant, gaudent tamen esse rogatae.

(in reply to SiliconFreak)
Post #: 4
Page:   [1]
All Forums >> [News Around The Web] >> Security News >> F-Secure Flaw Opens Door To Intruders ! Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts




Forum Software © ASPPlayground.NET Advanced Edition 2.4.5 ANSI

0.014