FYI...

> http://atlas.arbor.net/briefs/index#1027704494
Panda Antivirus EXE File Parsing Buffer Overflow Vulnerability
Severity: High Severity
Published: July 23, 2007
Panda AV is vulnerable to a buffer overflow when processing Windows EXE files. The error comes in an integer cast when parsing EXE header data. A malicious attacker could send the victim a malformed EXE file to be processed by Panda AV. This would then allow the attacker to run arbitrary code on the victim's computer. Updates have been made available.
Analysis: This is a similar issue to the Eset NOD32 file processing issue and nearly a dozen such vulnerabilities recently. We believe that this trend will continue for some time.
Source: http://secunia.com/advisories/26171/

NOD32 Antivirus Multiple File Processing Vulnerabilities
Severity: High Severity
Published: July 23, 2007
Eset NOD32 antivirus is vulnerable to file processing vulnerabilities that could be abused by a remote attacker to compromise a system. The AV software has problems processing CAB, ASPack, and FSG packed files. Malformed files could be sent to a victim to be processed by NOD32 and then run arbitrary code on the server. Eset has issued updated software to address this issue.
Analysis: This is another AV vulnerability in handling files. We do not expect it to be the last one, in this package or any other AV package.
Source: http://secunia.com/advisories/26124/

.

This post has been edited by AplusWebMaster: Jul 4 2009, 08:03 AM

FYI...

McAfee false-positive glitch...
- http://www.theregister.co.uk/2009/07/03/mc...ositive_glitch/
3 July 2009 22:48 GMT - "IT admins across the globe are letting out a collective groan after servers and PCs running McAfee VirusScan were brought down when the anti-virus program attack their core system files. In some cases, this caused the machines to display the dreaded BSOD. Details are still coming in, but forums here* and here** show that it's affecting McAfee customers in Germany, Italy, and elsewhere... Based on anecdotes, the glitch appears to be caused when older VirusScan engines install DAT 5664..."
* http://forums.mcafeehelp.com/showthread.php?p=569669
** http://forums.mcafeehelp.com/showthread.php?t=231904

- http://www.eweek.com/index2.php?option=con...0&hide_js=1
2009-07-06 - "... On July 3, McAfee users running old versions of the VirusScan engine found themselves facing false positives after downloading a DAT file that labeled legitimate programs as malware. According to McAfee support forums, the glitch led to authorized programs being quarantined, and in some cases brought about the infamous "blue screen of death"... A McAfee spokesperson said the incorrect identification was resolved in the daily release, and stressed that customers running the most current software were not affected... According to McAfee, customers running Version 5200 or newer were not impacted by the problem. The most current versions are VirusScan Enterprise 8.7 and scanning engine 5301... "



This post has been edited by AplusWebMaster: Jul 7 2009, 08:27 AM