F-Secure issues patch for critical flaws

By Dawn Kawamoto, CNET News.com
Friday, January 20, 2006 09:26 AM

Security vendor F-Secure issued a patch Thursday to deal with critical flaws in a number of its antivirus and Internet security products.

Flaws in the way F-Secure software handles ZIP and RAR data compression archives could allow an attacker to execute remote code on users' systems and also to bypass F-Secure's antivirus-scanning capabilities.

Vulnerabilities were found in 19 versions of F-Secure's antivirus products for Microsoft Windows, as well as in its products for Linux, according to F-Secure's advisory.

F-Secure was originally advised of the scanning vulnerability by independent researcher Thierry Zoller, said Mikko Hypponen, F-Secure's chief research officer. In researching the bug, he said, "we found that the vulnerabilities were much more serious. We found it was not just the scanning that could be bypassed but also (that) a malicious attacker could execute code."

Attackers could create a modified ZIP archive that could lead to a buffer overflow, allowing for the execution of code that could take over a user's system. The flaws could also allow attackers to create malformed RAR and ZIP archives that couldn't be properly scanned for malicious software.

The affected software includes F-Secure's Anti-Virus for Windows Servers versions 5.52 and earlier, Anti-Virus for MS Exchange versions 6.40 and earlier, and Anti-Virus for Linux Workstations versions 4.52 and earlier, as well as 16 other versions of the software.

"We learned of the scanning bug in early December, but because it affected a wide range of our products, we wanted to release a fix for all (of the affected versions) at once," Hypponen said.

F-Secure's "critical" security update is its first in 2006. Last February, the company issued updates for flaws found in its antivirus library.

F-Secure is the latest security vendor to find flaws in its software. Earlier this month, security giant Symantec issued a patch to fix vulnerabilities in its NortonWorks products that could allow an attacker to hide malicious software. And in October, Kaspersky Lab patched vulnerabilities in its antivirus library.

0

0 votes

Save to My Library

Talkback 0 comments

There are currently no comments for this post.

Reply to story

Related Whitepapers

Featured Whitepapers

Tech Jobs Now!

TechGuides

Specials
News and Interviews
Whiteboard

UOB banks on economic downturn
Singapore bank's IT chief Susan Hwee explains how financial crisis offers new opportunities to reengineer
Play video
Domino's Pizza keeps customers eating
CEO Don Meij discusses strategy to grow customer base
Play video

Salesforce CEO chatters about new social media platform
Facebook-type app hits the enterprise
Play video
Salesforce demos Service Cloud 2
New Web-based tools for customer service
Play video

Cost Effective, Secure and HA Server Infrastructure for SMBs
Alan Wan from Dell illustrates how small and medium businesses can build a high availability IT infrastructure without requiring heavy investments on skills and resources.
Play video
Enterprise 2.0
Vince Casarez, vice president of product management at Oracle, explains how Web 2.0 technologies, such as tags, wikis, and mash-ups, can be applied within an organization.
Play video