Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security IT

Google Security Engineer Issues Sophos Warning 89

Posted by Soulskill
from the you-have-been-called-out dept.
angry tapir writes "Google security engineer Tavis Ormandy discovered several flaws in Sophos antivirus and says the product should be kept away from high value information systems unless the company can avoid easy mistakes and issue patches faster. Ormandy has released a scathing 30-page analysis (PDF) 'Sophail: Applied attacks against Sophos Antivirus,' in which he details several flaws 'caused by poor development practices and coding standards,' topped off by the company's sluggishly response to the warning he had working exploits for those flaws. One of the exploits Ormandy details is for a flaw in Sophos' on-access scanner, which could be used to unleash a worm on a network simply by targeting a company receiving an attack email via Outlook. Although the example he provided was on a Mac, the 'wormable, pre-authentication, zero-interaction, remote root' affected all platforms running Sophos. (Ormandy released the paper as an independent researcher, not in his role as a Google employee.)"
This discussion has been archived. No new comments can be posted.

Google Security Engineer Issues Sophos Warning

Comments Filter:
  • by cbhacking (979169) <been_out_cruisin ... @ya h o o . c om> on Tuesday November 06, 2012 @11:24PM (#41903021) Homepage Journal

    Sue for what? This was responsibly disclosed, and the facts are straightforward so it's not like they can sue for libel. In fact, Sophos requested and was granted a number of redactions and different phrasings throughout the paper. You can read about it in the document history section, near the bottom.

    Yes, I read the whole paper... some 8 hours ago. Slashdot is slow.

  • Re:Hospital (Score:5, Interesting)

    by myxiplx (906307) on Wednesday November 07, 2012 @02:27AM (#41904257)

    No way to easily report the files? You just email them in, a 30 second phone call to Sophos will get you the details.

    In a previous role we would help clean users home computers from time to time, and we discovered a good number of new viruses. I submitted half a dozen viruses to Sophos that weren't being picked up by any virus scanners. They confirmed them all within a few days, and signatures were added within weeks. The whole process is incredibly easy.

IF I HAD A MINE SHAFT, I don't think I would just abandon it. There's got to be a better way. -- Jack Handley, The New Mexican, 1988.

Working...