
Submission: Sophos A/V riddled with vulnerabilities (pcworld.com)

arglebargle_xiv writes: Security researcher Tavis Ormandy has had a look at Sophos A/V and found that it'll actually make your system less secure after you install it:

The paper contains details about several vulnerabilities in the Sophos antivirus code responsible for parsing Visual Basic 6, PDF, CAB and RAR files. Some of these flaws can be attacked remotely and can result in the execution of arbitrary code on the system. Ormandy even included a proof-of-concept exploit for the PDF parsing vulnerability which he claims requires no user interaction, no authentication and can be easily transformed into a self-spreading worm.

The findings also include this gem:

Ormandy also found that a component called the 'Buffer Overflow Protection System' (BOPS) that's bundled with Sophos antivirus disables the ASLR (address space layout randomization) exploit mitigation feature on all Windows versions that support it by default, including Vista and later.

Original paper here.
