F-Secure exploit patched

    Date14 Feb 2005
    Posted ByBenjamin D. Thomas
    F-Secure has become the latest security firm to be embarrassed by a flaw in its flagship security product line, but the company manged to patch the flaw while it was still only 'theoretical' F-Secure has released a patch for a serious flaw in its antivirus products, the second time in a week a security company has warned of a risk in its software.

    The security hole in the antivirus library affects 18 products for desktops, servers and gateways, with the network products at "critical" risk, F-Secure said in a bulletin on Thursday. By creating a specially crafted ARJ archive file, an intruder could use a buffer overflow to run arbitrary code on an unpatched machine, said Tony Magellanez, a systems engineer at F-Secure.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Has your email account ever been pwned in a data breach?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.