Security Problems In Multiple Anti-Virus Products

  • 0 Replies

Offline Bugbatter

  • Microsoft® MVP
  • Administrator
  • Diamond Member
  • 10660
Security Problems In Multiple Anti-Virus Products
« on: June 16, 2009, 11:42:55 AM »

Symantec has reported a security problem in several of its anti-virus products for business and private users. As a result of a bug, the software can be fooled into overlooking malware when searching through specially crafted archives. The manipulation to create such archives formats them incorrectly, but even so, some applications and unpackers are still able to extract files from them.

This lack of detection is a particular problem at security gateways on network boundaries, with the result that for instance, for businesses, the opportunity of detecting a possible infection threat is reduced to that last line of defence, the anti-virus software on the end user's desktop. This particularly reduces the effectiveness of multi-tier approaches that use different anti-virus products.

Symantec nonetheless categorises the severity of the problem as low and in its security advisory merely provides tips for possible workarounds, rather than releasing an update. Administrators should, for example, change their gateway settings so that damaged archives are discarded. The evaluation of such vulnerabilities is a major point of distinction between different anti-virus product vendors. Last year, F-Secure evaluated the risk from such a vulnerability as high...

More here:

Microsoft MVP Consumer Security 2006-2016
Microsoft Windows Insider MVP 2016-