Irregular Expressions

Nov 11 2012   11:13PM GMT

Sophos Attacks

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

There was a whole list of attacks published against Sophos Anti-Virus a little while ago.

In my opinion none of the disclosed vulnerabilities are minor.

My favorite of the bunch involves a stack overflow scanning PDF’s. Simply receiving the file via a mail client is all that is needed, as soon as you get the file Sophos will do it thing and scan it. Opening it is not needed.

http://www.sophos.com/en-us/support/knowledgebase/118424.aspx

http://www.pcworld.com/article/2013580/researcher-finds-critical-vulnerabilities-in-sophos-antivirus-product.html

https://lock.cmpxchg8b.com/sophailv2.pdf

I don’t know what I would call this whole thing, software will have vulnerabilities. It’s just going to be a thing that’s there. It is possible to improve coding practices to limit these, but there is a balance with getting it out the door and people still make mistakes. Personal I would have to say my confidence in the product has been shaken, but not as much as it could have been in there was active exploitation in the wild.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: