Panda Software has fixed a flaw in its anti-virus products that potentially allowed remote attackers to take over users’ PCs.
The company said the vulnerability affected all of the company’s anti-virus products, and a patch to fix it has been sent out automatically to customers.
The flaw was discovered last week and patched two days later, said Panda.
The company was informed of the heap overflow flaw by internet security researcher Alex Wheeler at www.rem0te.com.
The problem was contained within the Panda Anti-Virus Library that provides file support for virus analysis.
During decompression of files in the ZOO compressed file format, computers were vulnerable to a heap overflow that potentially allowed exploits through protocols such as Simple Mail Transfer Protocol (SMTP).