Security firm advises customers to ensure they have the latest version
vnunet.com, 11 May 2005
Sophos is advising customers to upgrade their antivirus applications after a flaw was found in an old version of the security firm's software.
The vulnerability was highlighted on the Bugtraq mailing list, and concerns how a potentially infected file could be hidden on a hard drive without being scanned by Sophos' software.
One of the dangers is that, after a reboot, the infected file could be activated before the antivirus engine starts to function.
The flaw affects version 3.93 of Sophos' antivirus engine and users are advised to upgrade to version 5.0.1.
"We have had no users reporting this issue to us with the current latest shipping version of Sophos Anti-Virus," said Graham Cluley, senior technology consultant at Sophos.
"I think a mixture of unusual circumstances, not running the latest version of Sophos Anti-Virus, and a determination to run a program before Windows has finished starting up has resulted in this individual user's experience."
He pointed out that Sophos can scan files as they are written onto the PC, but that this option is turned off by default as it is not normally required.
Cable firm promises built-in security software from the summer
Hackers able to take complete control of affected PCs
The latest wave of cyber-crimes and acts of vandalism have demonstrated once again that many systems are still vulnerable to attack.
First Looks Editor Ian Williams gets hands on with the Sony Ericsson Xperia X1
Do you agree?
Have your say on this article