Network News

X My Profile
View More Activity

Updates Mend F-Secure Antivirus Flaws

Finnish antivirus company F-Secure Corp. warned users today to install an update to fix a serious flaw in many of its products that it said attackers could use to seize control over computers running the software.

F-Secure said the problem has to do with the way its products examine compressed ZIP or RAR archive files. People often send files compressed with ZIP or RAR utilities as e-mail attachments because they can radically reduce the attachment file size.

Unfortunately, virus and worm writers also often send their creations inside ZIP or RAR files to make it past e-mail security scans, which usually filter out executable files but often allow compressed files, leaving the inspection of those files to antivirus products once the user opens the compressed archive.

According to F-Secure, attackers could use the flaw to create a file that cannot be scanned properly, potentially allowing the malicious file to slip past the company's antivirus scanners.

Users of the company's most popular products, including F-Secure Internet Security (2004 through 2006 versions), F-Secure Anti-Virus (2004 through 2006 versions) and F-Secure Personal Express should have the update distributed to them automatically. Users of other F-Secure products should check this page for more information on how to obtain the necessary updates.

The F-Secure flaws come on the heels of similar vulnerabilities found in other antivirus products, including Symantec and ClamAV. It just shows that security is not some set-it-and-forget-it chore;  even security products need maintenance from time to time.

By Brian Krebs  |  January 19, 2006; 11:40 AM ET
Categories:  New Patches  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Oracle Issues a Whopping 82 Patches
Next: Hackers Attack Million Dollar Homepage

Comments

Brian, I work part time for Fairfax County's electoral Board and we met a year or so ago when you were considering doing a story on our voting machines.

Anyway, I have had problems with my email, that you may want to check out. Here is a message I sent to people on my list. This may not be the place for me to post this, so feel free to not post it if you wish.

Dick Aamodt

I've had a couple of strange things happen to me recently. I use Norton Anti-virus and Internet Security programs, with their "Live Update" feature turned on. Supposedly, the program is to check regularly with their website and automatically keep my files up to date.

Day before yesterday, I suddenly was not getting any mail, and when I tried to use the "Send and Receive" button, I kept getting messages that there was an error, that the connection to the mail server timed out. I called Verizon tech support, and spent about an hour trying to converse with a young lady who had a very "Indian" (as in India) accent. Don't know if Verizon has gone that far or if she was only in Canada. We finally were able to get some mail by disabling my Internet Security program. But as soon as I restored the program, I couldn't get anything. So I went to bed!

I'll cut to the chase, yesterday, the same thing, ultimately, I was directed to Symantec and ended up downloading a paper that told me how to solve a problem when you "Cannot send or receive email after you run LiveUpdate." I don't know if that might be the cause of anyone else's email problems, BUT just in case, here is the URL for the paper, which helped me solve MY problems. The document has a Symantec number: Document ID:2005073006074636

I suspect, but can't prove, that Symantec had a buggy update.

dick

Posted by: DickA | January 25, 2006 12:40 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company