X

Flaw found in Sophos antivirus

Company says it's fixed some versions of its flagship package to combat a hole that could let in buffer overflow attacks.

Michael Kanellos Staff Writer, CNET News.com
Michael Kanellos is editor at large at CNET News.com, where he covers hardware, research and development, start-ups and the tech industry overseas.
See full bio
Michael Kanellos
Sophos has announced a flaw in its flagship antivirus product, but said that it is working on fixes.

The Abingdon, England-based company said that Sophos Anti-Virus can potentially be attacked by a buffer overflow, which knocks out a program by flooding it with data. A patch has already been created for Sophos Antivirus 4.5.4 and for most versions of Sophos Antivirus 3.96.0. An update for Sophos Anti-Virus Small Business Edition will be released on Friday, and all other versions will be fixed within two weeks, the antivirus maker said.

"Although theoretically a risk, Sophos has not seen any examples of malware attempting to exploit this vulnerability," the company said in its advisory.

The flaw was discovered by Alex Wheeler, the company stated. Earlier in the week, Neel Mehta of Internet Security Systems in Atlanta, said that he and Wheeler would hold a session at the Black Hat security conference this week in Las Vegas to outline how antivirus programs could increasingly become targets for hackers because of latent flaws.

In the past year, ISS has discovered bugs in products from security software makers Symantec, McAfee, Trend Micro and F-Secure, he noted. Earlier this week, several flaws discovered by ISS were disclosed and fixed in Clam Antivirus, a popular open-source virus scanner.