IT security experts have warned of a vulnerability in Sophos Anti-Virus which can potentially be exploited by malicious hackers to cause buffer overflows.

The problem affects users of Sophos Anti-Virus Small Business Edition and Sophos Anti-Virus versions prior to 3.96.0 and prior to 4.5.4, according to Secuni. Sophos said it has already provided a fix for these versions of its antivirus offerings.

Further patches are expected for Small Business Edition on all platforms, and within the next 14 days for the remaining versions.

UK-based Sophos says it has not seen any examples of malware attempting to exploit this vulnerability, which is caused by an unspecified error and can be exploited to cause a heap-based buffer overflow.

"The vast majority of our customers are already protected against this vulnerability and the small business and enterprise products automatically update themselves, so no intervention is required," said Graham Cluley, senior technology consultant, Sophos.