|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: Symantec AV may execute viruses
Too true, as soon as the updates are available.. Still haven't seen one from Symantec (anyone else out there seen one yet??), maybe F-Secure will be faster.. Brance :)_S -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Dragos Ruiu Sent: Thursday, February 10, 2005 3:46 PM To: Paul G; [email protected] Subject: Re: Symantec AV may execute viruses On February 10, 2005 12:01 pm, Dragos Ruiu wrote: > On February 10, 2005 10:29 am, Paul G wrote: > > ----- Original Message ----- > > From: "Jeff Wheeler" <[email protected]> > > To: "Colin Johnston" <[email protected]> > > Cc: <[email protected]> > > Sent: Thursday, February 10, 2005 1:18 PM > > Subject: Re: Symantec AV may execute viruses > > > > > Also, it doesn't appear that this issue effects the Mac software > > > (at least, I didn't see the Mac products in the Symantec > > > vulnerability list), only Windows products. > > > > if this is a heap overflow and if osx uses a bsd-derived libc (with > > phy malloc implementation), the vulnerability would not be > > exploitable. this seems like a probable explanation. > > Neil Mehta & Alex Wheeler from ISS who identified this and a number of > other AV issues will be doing a presentation on it entitled, "Owning > Antii-Virus" at CanSecWest. P.s. To not pick on any one vendor exclusively, it's not just Symantec that has issues... I know that an F-Secure advisory has now been released too... and who knows, as an educated guess, I'd bet there probably will be others coming... ;-) Allocating some IT schedule to AV updates/verification seems prudent. -- World Security Pros. Cutting Edge Training, Tools, and Techniques Vancouver, Canada May 4-6 2005 http://cansecwest.com pgpkey http://dragos.com/ kyxpgp
|