In association with heise online

13 February 2008, 16:56

F-Secure patches a blind spot in its antivirus products

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

F-Secure has released updates for several of its products to remedy a scanning vulnerability. According to a report by the vendor, the scan engine cannot recognize viruses within certain CAB and RAR archives. However, once a user opens the archive, the scanner springs into action and issues a warning.

All client products and several server and gateway products are affected. F-secure classifies the hazard as "medium" for client and server solutions and "high" for gateway products. According to the vendor, automatic updates have already corrected the error with CAB archives, but users have to manually install a hotfix to remedy the RAR vulnerability. The original F-Secure report contains an exact list of individual fixes for each of the products.

Security service provider n.runs, which has pointed out many virus scanner security holes in the past, discovered the vulnerability. The heise Security article, "Antivirus software as a malware gateway" explains possible antivirus software hazards.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit