Two major security software vendors have released patches for flaws in their own offerings.
F-Secure and Trend Micro have posted updates to address vulnerabilities which could leave customers vulnerable to attack.
F-Secure and Trend Micro have addressed flaws which could leave customers vulnerable to attack
Major security firms caught napping
F-Secure and Trend Micro forced to patch flaws in their own software
vnunet.com, 24 Oct 2008
Advertisement
Trend Micro issued a fix for its OfficeScan product in which an attacker could use a malformed HTTP request to cause a buffer overflow in the software's server CGI model.
A successful exploit could allow an attacker to remotely execute code on the targeted system.
F-Secure, meanwhile, has released an update which corrects an issue in its Internet Security, Anti-Virus, Linux and Protection Service product families as well as several F-Secure server and gateway offerings.
The issue stems from an error which occurs when the software is not set to scan compressed files.
An attacker could use a specially-crafted compressed file to trigger a buffer overflow error and gain complete control at the system level of a targeted machine and execute arbitrary code.
The US Computer Emergency Response Team is advising users and administrators of all of the affected security products to install the patches as soon as possible.
Further reading
Microsoft issues 'critical' security alert
Attack targets server component in Windows and Windows Server
Security industry falling behind the hackers
Report warns of new threats on the horizon
Oracle joins security patch party
Company issues 36 security fixes
Related whitepapers
Related jobs
Most read stories
Most commented stories
Most watched
Summit: Salesforce.com on SaaS and information overload
How web services contribute to data headaches
Analysis and Reports
Remote access - Three steps to getting connected
3.4 million UK professionals now work from home – is your company equipped?
Cost benefits of a global collaboration network
This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications
Advertisement
White paper library
Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.
Latest white papers
- The public sector – making flexible working work
- Sage CRM SalesLogix Data Synchronisation Technology for Mobile CRM Users
- The world of voice conferencing: A guide to creating the right environment
- The hidden financial and environmental costs of office printing
- A blueprint for data centre efficiency without upgrading
Advertisement
Hiring now on ComputingCareers:
Advertisement
Spotlight
Summit: Microsoft Office to the rescue
Chris Adams, Office Client product manager for Microsoft UK, explains...
Industry and human rights campaigners united in opposition to "three strikes" plan
Critics says government proposals to curb illegal downloading are unworkable...
Advertisements
Secondary navigation
Do you agree?
Have your say on this article