Users warned on Sophos antivirus flaw

Security firm advises customers to ensure they have the latest version

Sophos is advising customers to upgrade their antivirus applications after a flaw was found in an old version of the security firm's software.

The vulnerability was highlighted on the Bugtraq mailing list, and concerns how a potentially infected file could be hidden on a hard drive without being scanned by Sophos' software.

One of the dangers is that, after a reboot, the infected file could be activated before the antivirus engine starts to function.

The flaw affects version 3.93 of Sophos' antivirus engine and users are advised to upgrade to version 5.0.1.

"We have had no users reporting this issue to us with the current latest shipping version of Sophos Anti-Virus," said Graham Cluley, senior technology consultant at Sophos.

"I think a mixture of unusual circumstances, not running the latest version of Sophos Anti-Virus, and a determination to run a program before Windows has finished starting up has resulted in this individual user's experience."

He pointed out that Sophos can scan files as they are written onto the PC, but that this option is turned off by default as it is not normally required.