F-Secure software found vulnerable by F-Secure
Date: January 22, 2006Source: The Inquirer
By:
Finnish security outfit F-Secure has had to issue a security warning about its own products.
In a security bulletin here, F-Secure said a flaw in its software meant that an attacker could run any code they like on affected systems by using ZIP and RAR files to hide any malware.
The files would bypass any F-Secure AV products and cause a buffer overflow. It will cause the problem on Windows and Linux systems.
A spokesman said that so far no hacker has worked out how to exploit this vulnerability, but it is better to be safe than sorry.
The problem will be bigger for those who use older F-Secure Linux server and gateway products. F-Secure will not automatically distribute patches for these products and users have to remember to download the patches from the F-Secure site. Newer products will have received patches online.
Add comment Email to a Friend