TechTarget

CA patches high-risk security hole

A “high-risk” security flaw in Computer Associates anti-virus products could put users at risk, the supplier has warned.

A “high-risk” security flaw in Computer Associates anti-virus products could put users at risk, the supplier has warned.

The flaw is in the scanning engine used in both enterprise and consumer products. CA said that an attacker could gain full control over a user’s PC by sending them a specially crafted Microsoft Office document.

CA rates the flaw as “high risk” because an attacker can gain full access to a computer system without any user interaction.

This year there have been major reported flaws in the security products of McAfee, Symantec, F-Secure and Trend Micro, many of them in scanning engines. 

Enterprise CA products affected include eTrust Antivirus, Intrusion Detection and Secure Content Manager.

CA said it was not aware of any exploits of the flaw in the wild. A patch is available from CA to counter the potential problem.

The company issued security patches to address buffer overflow vulnerabilities in its CA License software earlier this spring. CA License software is a component included in a number of its enterprise products operating on proprietary and open source platforms.

Buffer overflow vulnerabilities can allow malicious code to be inserted and executed remotely.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close