Menu
Computer Associates reveals antivirus software flaw

Computer Associates reveals antivirus software flaw

Computer Associates (CA) has disclosed a serious security flaw in its antivirus products, the latest is a series of security software to be hit by such a vulnerability.

The bug affects the Vet antivirus engine underlying CA's enterprise and consumer security software, and could be exploited by a remote attacker via a specially crafted Microsoft Word document to cause a heap overflow and execute malicious code, according to CA's advisory.

The platforms affected include Windows, Linux and Solaris, with affected products including BrightStor ARCserve Backup, eTrust Antivirus, eTrust EZ Antivirus, eTrust Intrusion Detection, eTrust Secure Content Manager and InoculateIT.

CA said it wasn't aware of any attacks so far, but that the bug did not require user interaction to exploit. Attackers could exploit the bug via remote protocols such as SMTP, FTP and SMB, according to an advisory from Alex Wheeler of rem0te.com, who discovered the flaw. "It can be triggered without authentication or user interaction and allows multiple exploitation attempts. Vet implementations are likely vulnerable in their default configuration," Wheeler said in the advisory.

Enterprise users got a patch at the beginning of this month, while consumers began receiving updates to Vet engine version 11.9.1 on Monday, via the software's built-in updating system, CA said.

Several major antivirus companies have had to patch serious security flaws in their core products in recent weeks, including Symantec, McAfee, Trend Micro and F-Secure.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Events

Featured

Slideshows

Channel kicks 2021 into gear as After Hours returns to Auckland

Channel kicks 2021 into gear as After Hours returns to Auckland

After Hours made a welcome return to the channel social calendar with a bumper crowd of partners, distributors and vendors descending on The Pantry at Park Hyatt in Auckland to kick-start 2021.

Channel kicks 2021 into gear as After Hours returns to Auckland
The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Show Comments