Sophos Antivirus vulnerable to attacks

Sep 7, 2007 20:36 GMT

Sophos Antivirus is one of the top security solutions that are also compatible with the latest version of Windows, Vista. Because I'm sure that many Vista fans out there are looking for a security tool for their computers, I'm sorry to inform you that Sophos Antivirus contains a security flaw that might allow attackers to infect your computer. It sounds like an antivirus product that, instead of protecting your computer, actually infects it. Well, that's a problem. The parent company, Sophos, confirmed the problem and said the security hole can be easily exploited using malicious CAB, LZH or RAR files.

"Handcrafted CAB, LZH or RAR files with modified headers were not being processed appropriately by the virus engine, so that malware hidden within these archive files was not being detected by the virus engine," Sophos mentioned in a security notification published today.

Exploiting the flaw is quite simple. The attacker sends a dangerous file to the vulnerable user and, because the antivirus is not able to detect the malware, manages to leave the consumer's computer open to attacks. "The maximum impact that this evasion vulnerability could permit is that malware could be activated on a computer that does not have an on-access scanner. The likely impact of this evasion vulnerability is that an on-access scanner will detect the malware as soon as the archive file is opened/unpacked," Sophos added.

According to the security company, the affected versions of the application are those rolled out before the 2.49.0 release. To avoid a successful exploitation of the security flaw, you're encouraged to update your software to the latest version and to update the virus engine to the most recent definitions. As usual, the updates will be distributed through the auto-update feature.
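
A fail-closed check that a mail or file gateway can apply to the three archive types named in the advisory, as an added example that is not code from Sophos or from the original article: a file that claims to be CAB, RAR or LZH but whose header fails basic consistency checks is quarantined instead of being passed as clean. The advisory does not say which header fields were modified, so the fields checked, the function names and the sample bytes are illustrative assumptions.

```python
import re
import struct

RAR4_MAGIC = b"Rar!\x1a\x07\x00"               # RAR 1.5-4.x marker block
LZH_METHOD = re.compile(rb"-l[hz][0-9a-z]-")   # LZH method id, found at offset 2

def check_cab(d):
    # CFHEADER: sig, res1, cbCabinet, res2, coffFiles, res3, verMinor, verMajor, cFolders, cFiles
    if len(d) < 36:
        return False
    _, _, cb_cab, _, coff_files, _, vmin, vmaj, folders, files = \
        struct.unpack_from("<4sIIIIIBBHH", d, 0)
    return (cb_cab <= len(d) and 36 <= coff_files < cb_cab
            and (vmaj, vmin) == (1, 3) and folders > 0 and files > 0)

def check_rar4(d):
    # Main archive header follows the 7-byte marker: CRC(2) TYPE(1) FLAGS(2) SIZE(2)
    if len(d) < 14:
        return False
    _, head_type, _, head_size = struct.unpack_from("<HBHH", d, 7)
    return head_type == 0x73 and 13 <= head_size <= len(d) - 7

def check_lzh(d):
    # Level 0-2 header: packed size at offset 7, header level at offset 20
    if len(d) < 21:
        return False
    (packed,) = struct.unpack_from("<I", d, 7)
    return d[20] in (0, 1, 2) and packed <= len(d)

def triage(d):
    """Return 'not-archive', 'scan' or 'quarantine' for one file's bytes."""
    if d[:4] == b"MSCF":
        ok = check_cab(d)
    elif d[:7] == RAR4_MAGIC:
        ok = check_rar4(d)
    elif LZH_METHOD.match(d, 2):
        ok = check_lzh(d)
    else:
        return "not-archive"
    # Fail closed: a claimed archive with an inconsistent header is never "clean".
    return "scan" if ok else "quarantine"

# Constructed sample inputs (not real archives): one sane CAB header, one whose
# cbCabinet field claims more bytes than the file holds, and two RAR4 headers.
GOOD_CAB = struct.pack("<4sIIIIIBBHHHHH", b"MSCF", 0, 64, 0, 44, 0, 3, 1, 1, 1, 0, 0, 0).ljust(64, b"\0")
BAD_CAB = struct.pack("<4sIIIIIBBHHHHH", b"MSCF", 0, 4096, 0, 44, 0, 3, 1, 1, 1, 0, 0, 0).ljust(64, b"\0")
GOOD_RAR = RAR4_MAGIC + struct.pack("<HBHHHI", 0, 0x73, 0, 13, 0, 0)
BAD_RAR = RAR4_MAGIC + struct.pack("<HBHHHI", 0, 0x74, 0, 13, 0, 0)

if __name__ == "__main__":
    for name in ("GOOD_CAB", "BAD_CAB", "GOOD_RAR", "BAD_RAR"):
        print(name, triage(globals()[name]))
```

Files that come back as `scan` still go to the antivirus engine; the check only decides what happens to archives the gateway cannot trust the engine to parse.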