F-Secure warns of critical vulnerabilities | Tech News on ZDNet

F-Secure warns of critical vulnerabilities | Tech News on ZDNet: "By Tom Espiner ZDNet.co.uk, News.com | Posted on ZDNet News: Mar 19, 2008 7:53:42 AM | Security vendor F-Secure has warned of multiple critical vulnerabilities in its own and other vendors' products.

The vulnerabilities exist in the way the products respond to malformed archive files, and were discovered by researchers at the University of Oulu in Finland.

'The Secure Programming Group at Oulu University has created a collection of malformed archive files,' wrote F-Secure director of antivirus research, Mikko Hyppönen, in a blog post on Monday. 'These archive files break and crash products from at least 40 vendors--including several antivirus vendors… including us.'

F-Secure products affected include F-Secure Internet Security 2008, F-Secure Anti-Virus 2008, F-Secure Mobile Anti-Virus for Windows Mobile 2003/5.0/6, and F-Secure Anti-Virus for Linux 4.65 and earlier versions, according to an F-Secure security bulletin. Successful exploitation of the vulnerabilities could result in remote code execution.

Other software affected includes Debian libarchive1, FreeBSD libarchive 3, Gentoo app-arch/libarchive and Suse libarchive, according to an advisory from the Finnish computer emergency response team, CERT-FI.

The University of Oulu researchers discovered the vulnerabilities in various archive file formats, including ZIP..."

Helge: Have to check this out. We use F-Secure. Hmmmm, what should we do next? Read the blog post with great care.
Post a Comment

Popular Posts

The Arctic Circle Design Forum

Digital Storytelling

Mexico open for business

Continued Stable Profit Development for Raute