Channel Register

Original URL: http://www.channelregister.co.uk/2008/02/29/symantec_trend_security_bugs/

Symantec and Trend grapple with buffer overflow bugs

By John Leyden
Published Friday 29th February 2008 08:55 GMT

Security products from both Trend Micro and Symantec - two of the big three anti-virus players - have become the subject of serious security vulnerabilities.

Errors (http://secunia.com/advisories/29140) in Symantec's Decomposer engine create a denial of service or system compromise risk for several enterprise security products (such as Mail Security for Microsoft Exchange and AntiVirus for Network Attached Storage).

Vulnerabilities triggered when processing malformed RAR archive files might be used to inject malware onto vulnerable systems (in the most serious case (http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=667)) or crash servers.

Security researchers at iDefense discovered the flaws. Symantec published an advisory (http://www.symantec.com/avcenter/security/Content/2008.02.27.html) on Tuesday explaining how sys admins can update their software.

Decomposer components decompress or unpack files. The components have been something of a weak spot in Symantec products of late. As well as being the root cause of the latest security bugs, troubles in updating Decomposer files were behind an error-generating bug that caused all sorts of grief for corporate sys admins earlier this month.

Separately, independent security researchers have discovered buffer overflow bugs in OfficeScan and Policy Server software packages from Trend Micro. Sys admins are advised (http://secunia.com/advisories/29124) to restrict network access to the services pending the availability of patches. ®

© Copyright 2008