Menu
Computer Associates reveals antivirus software flaw

Computer Associates reveals antivirus software flaw

Computer Associates (CA) has disclosed a serious security flaw in its antivirus products, the latest is a series of security software to be hit by such a vulnerability.

The bug affects the Vet antivirus engine underlying CA's enterprise and consumer security software, and could be exploited by a remote attacker via a specially crafted Microsoft Word document to cause a heap overflow and execute malicious code, according to CA's advisory.

The platforms affected include Windows, Linux and Solaris, with affected products including BrightStor ARCserve Backup, eTrust Antivirus, eTrust EZ Antivirus, eTrust Intrusion Detection, eTrust Secure Content Manager and InoculateIT.

CA said it wasn't aware of any attacks so far, but that the bug did not require user interaction to exploit. Attackers could exploit the bug via remote protocols such as SMTP, FTP and SMB, according to an advisory from Alex Wheeler of rem0te.com, who discovered the flaw. "It can be triggered without authentication or user interaction and allows multiple exploitation attempts. Vet implementations are likely vulnerable in their default configuration," Wheeler said in the advisory.

Enterprise users got a patch at the beginning of this month, while consumers began receiving updates to Vet engine version 11.9.1 on Monday, via the software's built-in updating system, CA said.

Several major antivirus companies have had to patch serious security flaws in their core products in recent weeks, including Symantec, McAfee, Trend Micro and F-Secure.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

More than 500 channel leaders gathered in Auckland on 21 October at the ​Reseller News Innovation Awards ​2020 to celebrate the achievements of the New Zealand technology industry's top partners, start-ups, vendors, distributors and individuals.

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners
Meet the winners of the 2020 Reseller News Innovation Awards

Meet the winners of the 2020 Reseller News Innovation Awards

Reseller News honoured the standout players of the New Zealand channel in front of more than 500 technology leaders in Auckland on 21 October, recognising the achievements of top partners, start-ups, vendors, distributors and individuals.

Meet the winners of the 2020 Reseller News Innovation Awards
Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

This year’s Reseller News 30 Under 30 Tech Awards were held as an integral part of the first entirely virtual Emerging Leaders​ forum, an annual event dedicated to identifying, educating and showcasing the New Zealand technology market’s rising stars. The 30 Under 30 Tech Awards 2020 recognised the outstanding achievements and business excellence of 30 talented individuals​, across both young leaders and those just starting out. In this slideshow, Reseller News honours this year's winners and captures their thoughts about how their ideas of leadership have changed over time.​

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners
Show Comments