TechTarget

F-Secure patches 19 security products against attack

F-Secure has issued a patch to fix critical security flaws in a number of its anti-virus and internet security products.

F-Secure has issued a patch to fix critical security flaws in a number of its anti-virus and internet security...

products.

Flaws in the way F-Secure’s software handles Zip and Rar data compression archives could allow attackers to execute remote code on users' systems and bypass F-Secure's anti-virus-scanning capabilities.

Vulnerabilities have been found in 19 versions of F-Secure's anti-virus products for Microsoft Windows, and in products for the Linux operating system.

F-Secure was advised of a scanning vulnerability by independent researcher Thierry Zoller.

Unpatched systems can allow attackers to create a modified Zip archive that can lead to a buffer overflow, allowing for the arbitrary execution of code.

The flaws could also allow attackers to create malformed Rar and Zip archives that cannot be properly scanned for malicious software.

The affected software includes F-Secure's Anti-Virus for Windows Servers versions 5.52 and earlier, Anti-Virus for MS Exchange versions 6.40 and earlier, and Anti-Virus for Linux Workstations versions 4.52 and earlier, as well as other products.


 

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close