F-Secure releases security patch


F-Secure releases security patch

Antivirus software supplier F-Secure has issued a patch for its products after a Luxembourg-based security researcher reported vulnerabilities in the way F-Secure software handled ZIP and RAR format data compression archives.

The problem could allow an attacker to execute remote code on users' systems and bypass F-Secure's antivirus-scanning capabilities. F-Secure customers have now received an automated hot fix to cure the problem.

The flaw is said to affect "millions" of F-Secure customers, but it is believed the vulnerability has yet to be exploited.

The majority of F-Secure's antivirus products are affected, including F-Secure Anti-Virus for Windows Servers 5.52 and F-Secure Anti-Virus for Workstations 5.44, as well as earlier versions of both products, together with antivirus scanners for Linux, Samba and firewalls.

Details of the vulnerability were not disclosed publicly to give F-Secure the opportunity to patch the flaws, which must be the most practical way forward. Only when a company drags its feet over patching, and refuses to recognise a problem should the adverse publicity weapon be used.

Related Topics: IT suppliers, VIEW ALL TOPICS

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy