Maker tech hub — AI · 3D print · Pi · ESP32 · plus the classic tech archive.

Free ESP32 kit · Books · Network Ninja · Archive

Classic tech archive. From the original averyjparker.com tech blog — historical context; pair with modern guides where noted. Full archive · Maker projects · Network Ninja

Classic tip · Security

Sophos antivirus vulnerabilities...

Sans has the story on a security vulnerability involving specifically crafted .cab files affecting a WIDE range of SOPHOS antivirus products (from desktop to server.) The main result of the vulnerabi…

Written by

Avery J. Parker

IT veteran, maker educator, and author of Network Ninja, 3D Printing Mastery, and AI Workflow Mastery. Business IT: Diversified Tech Solutions.

Sans has the story on a security vulnerability involving specifically crafted .cab files affecting a WIDE range of SOPHOS antivirus products (from desktop to server.)

The main result of the vulnerability is arbitrary code execution, which is a bad thing.... PureMessage and MailMonitor users may be more at risk because, of course, it requires scanning of .cab files to be enabled.


sophos has a KB article on the issue.

Of course, this is a remotely exploitable vulnerability and should be a very high priority. Updates for most affected products have been available since April 28th. (Some were patched on May 5th.)