Sophos Attacks
Posted by: Dan O'Connor
Uncategorized
There was a whole list of attacks published against Sophos Anti-Virus a little while ago.
In my opinion none of the disclosed vulnerabilities are minor.
My favorite of the bunch involves a stack overflow scanning PDF’s. Simply receiving the file via a mail client is all that is needed, as soon as you get the file Sophos will do it thing and scan it. Opening it is not needed.
http://www.sophos.com/en-us/support/knowledgebase/118424.aspx
https://lock.cmpxchg8b.com/sophailv2.pdf
I don’t know what I would call this whole thing, software will have vulnerabilities. It’s just going to be a thing that’s there. It is possible to improve coding practices to limit these, but there is a balance with getting it out the door and people still make mistakes. Personal I would have to say my confidence in the product has been shaken, but not as much as it could have been in there was active exploitation in the wild.
Comment
RSS Feed
Email a friend
