xpguy Posted December 12, 2002 Share Posted December 12, 2002 Trend Micro has issued a fix to address buffer overflow vulnerabilities within popular versions of its anti-virus software packages. The bug, within the POP3-proxy of PC-cillin and OfficeScan, came to light during evaluations of various antivirus products by Joel Soderberg of Swedish security firm Texonet last month. Texonet contacted Trend regarding the problem and the AV vendor released a fix yesterday. While buffer overflow vulnerabilities are always serious - particularly when they effect security software packages - the big mitigating factor her is that the flaw can only be exploited by a local intruder, according to Trend. If a haXor has access to your machine, crashing AV packages as a means to introduce malicious code onto your box is probably the least of your problems. Trend describes the problem as minor and says none of its customers have reported being affected by the issues. Nonetheless Trend recommends users apply its fix through applying a service pack (details of which can be found here.) [edit]: Sorry forgot News source: the reg[edit] Link to comment Share on other sites More sharing options...
Recommended Posts