Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
TRENDING TODAY
Home > News > Security > Security Fixes and Improvements

November 6th, 2012, 13:12 GMT · By

Sophos Addresses Remote Code Execution, Other Vulnerabilities in Antivirus Product

SHARE:

Adjust text size:

Sophos addresses vulnerabilities in antivirus product
Enlarge picture
Security solutions provider Sophos has addressed a number of vulnerabilities in its antivirus product. The issues were identified by security researcher Tavis Ormandy who contacted the company after examining the application.

One of the issues discovered by Ormandy was a remote code execution vulnerability that affected the way the antivirus engine scanned malformed Visual Basic 6 files.

Vulnerabilities were also caused because of the way .cab, .rar and .pdf files were handled.

Some relatively new technologies implemented in Microsoft operating systems also caused some issues. The interaction between the BOPS technology in Sophos Anti-Virus and ASLR on Windows Vista and later was a bit buggy.

The interaction between Internet Explorer’s protected mode and Sophos protection mechanisms were also problematic.

Finally, the classic cross-site scripting (XSS) flaw could not be left out. It was founds to plague the web protection and web control Layered Service Provider (LSP) block page.

All the vulnerabilities were addressed by Sophos with fixes rolled out in October 22 and November 5. Furthermore, there’s no evidence to indicate that any of the security holes has been exploited in the wild.

The researcher has also found other problems that can cause the antivirus engine to halt. They’re currently being investigated and if they check out, Sophos representatives state that fixes will be made available most likely starting with November 28.

Similar to other reputable companies, Sophos considers that keeping customers safe is a primary responsibility. They encourage researchers to practice responsible disclosure in order to help them in this task.

“Sophos believes in responsible disclosure. The work of Tavis Ormandy, and others like him in the research community, who choose to work alongside security companies, can significantly strengthen software products,” Sophos representatives wrote.

“On behalf of its partners and customers, Sophos appreciates Tavis Ormandy's efforts and responsible approach.”


1,035 hits
Link to this article · Print article · Send to friend

MUST-READ RELATED ARTICLES:


Experts Find DOM XSS Flaw in “+1” Button of Google Plus - Video
Researchers Find Smishing Vulnerability in Android, All Versions Affected – Video
VUPEN Researchers Find Windows 8 Zero-Day, All Exploit Mitigations Bypassed (Updated)
Bitdefender Warns of Cyberattacks Aimed at Medical Devices
Yahoo! Experts Warn Users of SWF Vulnerability in YUI 2

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2013 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2013 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use