In association with heise online

19 December 2006, 12:11

Vulnerability in BitDefender virus scanner fixed

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

BitDefender has just released information regarding a critical security vulnerability in its anti-virus products. According to this information, security services provider n.runs informed the company at the end of August of a heap overflow in the scanner when parsing packed PE files. This would apparently have permitted an attack to inject malicious code onto a system and execute it. This affected not just products for home users, but also server solutions such as BitDefender for ISA Server, BitDefender for MS Exchange 2000, 2003, 5.5 and BitDefender Mail Protection for Enterprises. BitDefender fixed the bug within a few days.

It is not clear why this information is only now being published. BitDefender distributed the patch via its automatic update system, so that there should be no customers still running a vulnerable product. The situation is somewhat different for Symantec Enterprise product users. They are exposed to attacks by the Yellow Worm, which penetrates systems using a vulnerability discovered in May 2006. A patch to fix this vulnerability has been available since June, but because it was not distributed via the LiveUpdate system, it appears not to have been installed on all systems. Symantec Client Security and Symantec AntiVirus only use LiveUpdate to update virus signatures and not to update program versions. If an administrator misses a message regarding patches, his system may remain vulnerable.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit