F-Secure's anti-virus software fails with ZIP and RAR archives
F-Secure has released updates for its anti-virus products which fix a ZIP and RAR archive scanning bug. Due to the bug, the software fails to detect malware within infected archives. This allows attackers to circumvent virus filters, in particular on gateways – the problem is less significant on clients, as malware will still be detected when it is unpacked from the infected archive.
Affected versions are:
- F-Secure Anti-Virus for Microsoft Exchange 7.10 and earlier versions
- F-Secure Internet Gatekeeper for Windows 6.61 and earlier
- F-Secure Internet Gatekeeper for Linux 2.16 and earlier
- F-Secure Internet Gatekeeper for Linux Japanese 3.01 and earlier
- F-Secure Protection Service for Business - E-mail and Server security version 8.00 and earlier
- F-Secure Internet Security 2009 and earlier
- F-Secure Anti-Virus 2009 and earlier
- F-Secure Client Security 8.0 and earlier
- F-Secure Anti-Virus for Workstations 8.0 and earlier
- F-Secure Linux Security 7.01 and earlier
- F-Secure Anti-Virus Linux Client Security 5.54 and earlier
- F-Secure Protection Service for Consumers version 8.00 and earlier
- F-Secure Protection Service for Business - Workstation security version 8.00 and earlier
- F-Secure Home Server Security 2009
- F-Secure Anti-Virus for Windows Servers 8.00 and earlier
- F-Secure Anti-Virus for Citrix Servers 7.00 and earlier
- F-Secure Linux Security 7.02 and earlier
- F-Secure Anti-Virus Linux Server Security 5.54 and earlier
- F-Secure Anti-Virus for Linux Servers 4.65
- F-Secure Anti-Virus for MIMEsweeper 5.61 and earlier
The updates will install automatically via the auto-update mechanism or they can be obtained from the support web pages.
See also:
- ZIP and RAR archive evasion vulnerability, F-Secure advisory.
(djwm)