Oxygene Posted January 10, 2003 Share Posted January 10, 2003 On December 5th 2002 Vet released Vet Antivirus 10.54.x.x, however due to a "snooze function" vulnerability found many sites have not implemented this new version. The snooze function allows you to "turn off" the antivirus scanners resident protection for a period of time set by the user. However, this feature is not password protected and therefore it allows a malicious user to turn off the resident protection for up to 99 minutes whilst allowing viruses / malicious code to be executed. The snooze feature needs to be password protected so that clients / other users cannot disable the resident virus protection. Here is some information received about this known issue; from a Systems Engineer at Vet/CA : ...functionality change will be in Vet 10.56.0.0 : If password protect options are enabled then the password will be requested hen trying to access snooze option. No ETA as yet (there is a huge amount of changes) - but will most likely be within the first quarter of this year. Regards, ********** Systems Engineer My eTrust/Vet Antivirus Support Team Computer Associates Link to comment Share on other sites More sharing options...
Oxygene Posted January 10, 2003 Author Share Posted January 10, 2003 The reason I posted this is because I think that the "snooze function" can be quite dangerous in an Antivirus Scanner. Vet/CA has taken too long (IMHO) to address this feature. Scenario : Large Eductional Institution has over 1000 computers running Vet Antivirus. Problem : A student wanting to spread viruses throughout the network / or just the workstation has the ability to now effectively disable the virus scanner for a set amount of time. This is a dangerous feature and should be protected by a password just like some of the other features of an Antivirus product. :no: Link to comment Share on other sites More sharing options...
Recommended Posts