homepage Welcome to WebmasterWorld Guest from 54.226.192.202
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Local / Foo
Forum Library, Charter, Moderators: incrediBILL & lawman

Foo Forum

    
Security Researcher Discovers Critical Vulnerabilities in Antivirus Product
engine

WebmasterWorld Administrator engine us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 4516574 posted 10:51 pm on Nov 6, 2012 (gmt 0)

Security researcher Tavis Ormandy discovered critical vulnerabilities in the antivirus product developed by U.K.-based security firm Sophos and advised organizations to avoid using the product on critical systems unless the vendor improves its product development, quality assurance and security response practices.

Ormandy, who works as an information security engineer at Google, disclosed details about the vulnerabilities he found in a research paper entitled “Sophail: Applied attacks against Sophos Antivirus” that was published on Monday. Ormandy noted that the research was performed in his spare time and that the views expressed in the paper are his own and not those of his employer.
Security Researcher Discovers Critical Vulnerabilities in Antivirus Product [pcworld.com]

 

vincevincevince

WebmasterWorld Senior Member vincevincevince us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4516574 posted 2:20 pm on Nov 10, 2012 (gmt 0)

I read this, and I had trouble establishing just how risky these security problems are. Did you have better luck?

graeme_p

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4516574 posted 8:54 am on Nov 11, 2012 (gmt 0)

Skimming it: It introduces multiple buffer overflow vulnerabilities AND removes the protection against overflows in Windows Vista and above. It also makes IE a lot more vulnerable to XSS.

These issues have been fixed, but given they have messed up so badly, would you trust them to secure your OS again?

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Local / Foo
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved