Security News > 2020 > January > Antivirus Vendors Patch Bug First Discovered 10 Years Ago

Antivirus Vendors Patch Bug First Discovered 10 Years Ago
2020-01-06 18:37

Four antivirus providers have released patches for an issue that was initially detailed by a researcher more than 10 years ago.

Reported by Thierry Zoller in 2009, the bug resides in an attacker's ability to craft compressed archives that, although accessible to a user, cannot be scanned by the antivirus product.

Multiple types of archive formats can be used, including ISO, ZIP, and Bz2. The bug has a low impact on the client side, considering that the user can inspect the file after extraction, but severely impacts any email gateways or antivirus infrastructure, given that the archive cannot be automatically decompressed to inspect its content.

"We also have fixed three bugs in one of anti-virus engine components that is responsible for work with ZIP archives. The fix for this component corrects its behaviour in situation of antivirus scanning specially crafted ZIP archives. These malformed archives could be used to circumvent our antivirus scan process. The bugs affected Kaspersky products with antivirus databases," Kaspersky said.

While these two vendors were quick to patch the flaws in their products and credit Zoller for reporting them, Avira and Bitdefender were not as responsive, the security researcher says.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/4Hd0lQ4T4xE/antivirus-vendors-patch-bugs-first-discovered-10-years-ago