Slashdot Mirror

← Back to Stories (view on slashdot.org)

Archive Formats Kill Antivirus Products

Posted by kdawson on from the fuzz-in-the-zip dept.

nemiloc sends us to the F-Secure blog for breaking news about widespread vulnerabilities in programs that process archive files: "The Secure Programming Group at Oulu University has created a collection of malformed archive files. These archive files break and crash products from at least 40 vendors — including several antivirus vendors... including us." Here is test material from OUSPG and a joint advisory from Finnish and English security organizations. It isn't news that security products can have have security vulnerabilities. What makes this advisory important is that antivirus software is a perfect target. It is run in critical places with high privileges and auto-updates to keep versions coherent.

7 of 115 comments (clear)

  1. That's nothing by Anonymous Coward · · Score: 5, Funny

    Windows can crash over 9000 products.

    1. Re:That's nothing by thousandinone · · Score: 2, Funny

      What?!? Nine Thousand?!?

  2. Question by TheMeuge · · Score: 1, Funny

    So is this evolution, or intelligent design?

  3. Re:Secure Platform without Anti-virus by PC+and+Sony+Fanboy · · Score: 4, Funny

    ... if only that secure platform was more customizable and less fruity.

  4. Re:Proofread? by Em+Adespoton · · Score: 4, Funny

    If you can put an apostrophe in its, he can definitely remove the comma from "yeah, right."

  5. Re:Secure Platform without Anti-virus by SQLGuru · · Score: 4, Funny

    Apparently, you're just too lazy to work on it.....this guy went so far as to make an Apple II web server:
    http://www.ld8.org:6502/

    Or a list of other older Apple hardware http://www.ld8.org/servers/servers_apple2.html

    Layne

  6. Re:hmm, actually, if only for virus protection... by Chris+Mattern · · Score: 2, Funny

    Are you kidding? Do you know how long it's been since Eniac came out with security update patches?