14 DAY TRIAL // NOD32, the well-known antivirus, has not been so efficient lately, as a highly critical vulnerability was discovered in many of the products included in the main series of security tools. NOD32 for Domino 2.x, NOD32 for DOS 1.x, NOD32 for FreeBSD 1.x, NOD32 for Linux 1.x, NOD32 for MS Exchange Server 0.x, NOD32 for NetBSD 1.x, NOD32 for Novell Netware Server 1.x, NOD32 for OpenBSD 1.x, NOD32 for Windows 95/98/ME 2.x and NOD32 for Windows NT/2000/XP/2003 2.x are all affected by the security hole confirmed by the parent company ESET.
According to Secunia, all the applications with virus definitions prior to version 2.2289 are affected by the flaw so the solution is to update the products to the latest release. It seems like a successful exploitation of the vulnerability helps an attacker compromise an affected system, allowing him to run commands with the same privileges of the logged user.
"A race-condition error when processing CAB archives can be exploited to cause a heap corruption when e.g. scanning a specially crafted CAB archive. Successful exploitation may allow execution of arbitrary code," Secunia said about one of the vulnerabilities. "A divide-by-zero error when processing Aspack and FSG packed files can be exploited to e.g. crash the application via a specially crafted Aspack or FSG packed file," the notification concerning the second flaw reads.
NOD32 is one of the most popular antivirus products on the market, being well-known for the fact that it offers an excellent protection bundled with minimum hardware requirements. However, this is another proof that a security tool cannot assure 100 percent of a computer protection since a single flaw can ruin the entire system.
As usual, you can download the latest version of NOD32 straight from Softpedia.