Security News > 2020 > February > F-Secure Patches Old AV Bypass Vulnerability

F-Secure Patches Old AV Bypass Vulnerability
2020-02-18 15:37

A vulnerability addressed by F-Secure in some of its business products could have been exploited to bypass their scanning engine using malformed archives.

The patched issue is actually over a decade old - it was initially detailed in 2009 by security researcher Thierry Zoller - and resides in an anti-virus application's inability to scan a compressed archive that a user can access.

Following the emergence of the first live attacks to exploit the vulnerability at scale for malware distribution, Zoller decided last year to check how various security products out there have been patched following his 2009 research.

Avira initially dismissed the report, saying the bypass does not represent a vulnerability.

"There are no indications this vulnerability is being actively exploited, and patches have been pushed out to the affected products."


News URL

http://feedproxy.google.com/~r/Securityweek/~3/ig3jI47mrlc/f-secure-patches-old-av-bypass-vulnerability

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
F Secure 29 3 29 31 1 64