In association with heise online

13 July 2007, 11:01

Security holes in antivirus software

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The ClamAV and AVG antivirus products contain vulnerabilities which could be exploited to execute denial-of-service attacks or allow local users to escalate their privileges. Meanwhile, Microsoft has provided a free beta version of the upcoming Live OneCare 2.0 security package.

According to an advisory by Metaeye Security, processing corrupted RAR archives results in a null pointer dereference, which crashes the ClamAV software. The ClamAV developers have released version 0.91, from which this bug has been eliminated.

AVG’s kernel driver avg7core.sys is vulnerable when processing manipulated interrupt request packets (IRPs), allowing users to overwrite kernel memory and gain SYSTEM-privileges. The vendor, Grisoft, has provided patched versions which are available for download and automatic update.

In the OneCare 2.0 beta version released by Microsoft, the vendor has a stronger focus on home networks. While the license for OneCare 1.5 grants usage rights to three concurrent users, version 2.0 now provides an additional functionality that grants administration rights for the OneCare software to one of these computers to manage the other clients. For instance, this makes it possible to centrally store and manage updates of the client systems and to view the security status of the computers on the administrator system. Also, users of the software can buy online storage to store their backups in Windows Live Folders. Interested users can download a free version of the beta software on the Microsoft website.

See also:

(mba)

Print Version | Send by email | Permalink: http://h-online.com/-733236
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit