In association with heise online

20 April 2009, 10:05

Weaknesses in several virus scanners - Updated

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The security specialist Thierry Zoller has made several reports on errors in virus scanners from BitDefender, avast, ESET and Fortinet. According to Zoller, all have problems in dealing with corrupt archive files, making it possible for infected files to be smuggled past the scanners. Zoller says this is a particular problem for gateways.

BitDefender confirmed the error existed in many of its products and released a patch for it last week, which has been distributed over its automatic update system. ESET also acknowledged the error and have released updates through their automatic update system. Zoller says that only Avast and Fortinet have not reacted to his alerts, noting neither have replied to his attempts to responsibly disclose the issue to them.

Update: Fortinet responded to Zoller's advisory on the 17th and says that its actual response was on the 15th. According to Zoller the investigation is ongoing. Avast also responded on the 17th, but says "There's currently no plan to release a special patch for this as our risk assessment makes it a very low priority issue."


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit