Computer Tips -Tech Info

Sans has the story on a security vulnerability involving specifically crafted .cab files affecting a WIDE range of SOPHOS antivirus products (from desktop to server.)

The main result of the vulnerability is arbitrary code execution, which is a bad thing…. PureMessage and MailMonitor users may be more at risk because, of course, it requires scanning of .cab files to be enabled.

sophos has a KB article on the issue.

Of course, this is a remotely exploitable vulnerability and should be a very high priority. Updates for most affected products have been available since April 28th. (Some were patched on May 5th.)

Popularity: 1% [?]

   Send article as PDF   

• Mac Wireless driver Security vulnerability revisited A couple weeks ago the hot story was about the demonstration of a vulnerability in a 3rd party wireless card driver on a Mac. The individuals that demonstrated the vulnerability (in a video taped presentation) also claimed that many wireless drivers were vulnerable to this same flaw and it included......
• Microsoft December 2005 Security updates Sans has the tip that information on the critical Windows updates expected tomorrow from Microsoft has started to be released. MS 05-54: Cumulative Security Update for Internet Explorer This will hopefully patch the javascript issues... MS 05-55: Vulnerability in Windows Kernel Could Allow Elevation of Privilege. More later in the......
• Wireless Driver Vulnerabilities There are a couple notes to pass along with regards to some pretty serious vulnerabilities in various wireless network adapter drivers. First, Sans has information on some Intel Centrino updates that resolve some vulnerabilities that would affect the Windows Centrino driver and the ProSet management software. F-secure chimes in on......

• Tune Up 360 TuneUp360 can auto scan and fix your computer errors with only one click. It is a kind of software which is specially designed for home users and busy people. You won't need to be a computer master. With just one click, you will get a fast, stable and secure......
• Microsoft Security Bulletin MS10-046 - Critical Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) Published: August 02, 2010 | Updated: August 03, 2010 Version: 1.1 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon......
• Vuze - My Favorite BitTorrent Client I have been using Vuze for about 2 years and as for now I am very satisfied with this software. The main reason that I like this software is the torrent search function and the software does not interrupt my internet browsing bandwidth. Vuze was previously known as Azureus and......

Similar Posts

• Symantec Antivirus Remotely Exploitable Vulnerability
• Serious Symantec Antivirus Vulnerability
• Two critical fixes from Microsoft on December patch Tuesday
• Apple iTunes vulnerability on Windows
• Zeroday Internet Explorer vulnerability update

This entry was posted on Wednesday, May 10th, 2006 at 10:18 am and is filed under Security, Security-updates. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.