Critical vulnerability in Sophos antivirus product

Flaw affects handling of Microsoft cabinet files

More accustomed to issuing alerts about threats in other companies' software, security firm Sophos this week has had to warn customers of a vulnerability in its own products.

The vulnerability exists in the way in which Sophos's software handles Microsoft cabinet files (CAB), which are compressed collections of files, according to a statement from Sophos.

The Sans Internet Storm Center called the vulnerability a critical one because of its potential to be exploited remotely.

"The vulnerability can be exploited by crafting a special CAB file with invalid folder count values in the header," Sans said. This can result in the corruption of heap memory and allow a hacker to execute arbitrary code on the compromised system.
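The defensive counterpart to the folder-count problem Sans describes is to check the header's counts against the bytes actually present before sizing any allocation or loop from them. The following is an added example, not Sophos's code and not a reconstruction of the specific flaw; it assumes the publicly documented CAB layout (CFHEADER, then the CFFOLDER table, then CFFILE entries), and `cab_check_header`, the status names and `sample_cab` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define CFHEADER_LEN 36u   /* fixed part of CFHEADER */
#define CFFOLDER_LEN 8u    /* fixed part of each CFFOLDER entry */
#define CFFILE_MIN   17u   /* 16-byte CFFILE plus at least a NUL name */
#define FLAG_RESERVE 0x0004u

enum cab_status { CAB_OK, CAB_TRUNCATED, CAB_BAD_MAGIC, CAB_BAD_SIZE,
                  CAB_BAD_FOLDERS, CAB_BAD_FILES };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return (uint32_t)rd16(p) | ((uint32_t)rd16(p + 2) << 16); }

/* Validate header counts against the data really present. Only on CAB_OK
 * may the caller size per-folder structures from *folders_out. */
enum cab_status cab_check_header(const uint8_t *buf, size_t len, uint16_t *folders_out)
{
    if (len < CFHEADER_LEN) return CAB_TRUNCATED;
    if (memcmp(buf, "MSCF", 4) != 0) return CAB_BAD_MAGIC;
    uint32_t cb_cabinet = rd32(buf + 8);    /* declared cabinet size */
    uint32_t coff_files = rd32(buf + 16);   /* offset of first CFFILE */
    uint16_t c_folders  = rd16(buf + 26);
    uint16_t c_files    = rd16(buf + 28);
    uint16_t flags      = rd16(buf + 30);
    if (cb_cabinet < CFHEADER_LEN || cb_cabinet > len) return CAB_BAD_SIZE;

    size_t off = CFHEADER_LEN, folder_len = CFFOLDER_LEN;
    if (flags & FLAG_RESERVE) {
        if (cb_cabinet - off < 4) return CAB_TRUNCATED;
        off += 4 + (size_t)rd16(buf + 36);  /* cbCFHeader reserve bytes */
        folder_len += buf[38];              /* cbCFFolder per-folder reserve */
    }
    if (off > coff_files || coff_files > cb_cabinet) return CAB_BAD_SIZE;
    /* Upper bound: the folder table must fit before the first CFFILE. */
    if (c_folders == 0 || (size_t)c_folders * folder_len > coff_files - off)
        return CAB_BAD_FOLDERS;
    if (c_files == 0 || (size_t)c_files * CFFILE_MIN > cb_cabinet - coff_files)
        return CAB_BAD_FILES;
    *folders_out = c_folders;
    return CAB_OK;
}

/* Constructed sample: 61 bytes, cFolders=1, cFiles=1, table bytes zeroed. */
static const uint8_t sample_cab[61] = {
    'M','S','C','F', 0,0,0,0, 61,0,0,0, 0,0,0,0, 44,0,0,0, 0,0,0,0,
    3,1, 1,0, 1,0, 0,0, 0,0, 0,0 };
```

The check is a necessary condition only: the CFFOLDER and CFFILE entries themselves still need per-field validation as they are read.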

Ron O'Brien, senior security analyst at Sophos, downplayed the threat and said it only presented a theoretical risk. "We don't have any indication of anybody exploiting the vulnerability, so the impact in this case has been low," he said.

Several Sophos products are affected by the flaw, including its desktop antivirus software, its small business portfolio and its line of gateway security products, such as PureMessage and MailMonitor.

The flaw was disclosed to Sophos about a month ago by a French researcher. A patch was made available on 28 April and customers who have subscribed to Sophos's automatic update service would have automatically received it, O'Brien said.

Sophos did not publicly disclose the vulnerability until Monday, and did so then only because the French firm that first discovered it was planning to go public with the information, according to O'Brien.

