Here's more evidence if you need to make a case that blindly requiring anti-virus or other agents on all systems is neither cost-free nor automatically justified, as I mentioned late last year. As reported by SANS @RISK (link will work shortly):
Trend Micro Antivirus, a popular antivirus solution, contains a buffer overflow vulnerability when parsing executables compressed with the UPX executable compression program. A specially-crafted executable could trigger this buffer overflow and execute arbitrary code with SYSTEM/root privileges, allowing complete control of the vulnerable system. Note that the malicious file can be sent to a vulnerable system via email (spam messages), web, FTP, Instant Messaging or Peer-to-Peer file sharing. UPX file format vulnerabilities have been widely-reported in the past, and UPX file fuzzers are commonly available.
Here's the Trend Micro advisory.
Senin, 12 Februari 2007
Another Anti-Virus Problem
17.33
No comments
Langganan:
Posting Komentar (Atom)
0 komentar:
Posting Komentar