nemiloc writes "From F-Secure website:
"The Secure Programming Group at Oulu University has created a collection of malformed archive files. These archive files break and crash products from at least 40 vendors — including several antivirus vendors...including us."
It is not new anymore that security products have security problems... What makes this special is that antivirus software is a perfect target. They are run on critical places with high privileges and autoupdates keep versions coherent.
More information: Test material by OUSPG and Joint advisory by CERT-FI and CPNI"
Test report lists ~160 historical "prior vulnerabilities" (with a nice graph sample) and hints of hundreds of new ones. Given that the archive & compression formats appear to be pervasive to modern computing and communication, I would have expected those prior vulnerabilities to have raised the bar wrt implementation quality of dearchivers; apparently that has not happened.
This begs the question: is it really beneficial security-wise to increase the amount of code that handles data sent from the net? Are we better off running all that anti-virus code, personal firewalls, L7 aware proxy/firewalls and whatnot? I've lived without personal firewalls and antivirus products for 10 years, using Linux, Windows and Mac. During that time I've had one incident.
So I know there is life without those extra lines of code. Am I being too radical?
160 legacy archive flaws, now hundreds of new? (Score:1)