An infected file could be activated before the antivirus engine starts
An infected file could be activated before the antivirus engine starts
R E L A T E D   C O N T E N T
Similar articles
KnowledgeBANK
News centre
More from vnunet.com

Free email newsletters




ADVERTISEMENT

Users warned on Sophos antivirus flaw

Security firm advises customers to ensure they have the latest version

Iain Thomson, vnunet.com 11 May 2005
ADVERTISEMENT

Sophos is advising customers to upgrade their antivirus applications after a flaw was found in an old version of the security firm's software.

The vulnerability was highlighted on the Bugtraq mailing list, and concerns how a potentially infected file could be hidden on a hard drive without being scanned by Sophos' software.

One of the dangers is that, after a reboot, the infected file could be activated before the antivirus engine starts to function.

The flaw affects version 3.93 of Sophos' antivirus engine and users are advised to upgrade to version 5.0.1.

"We have had no users reporting this issue to us with the current latest shipping version of Sophos Anti-Virus," said Graham Cluley, senior technology consultant at Sophos.

"I think a mixture of unusual circumstances, not running the latest version of Sophos Anti-Virus, and a determination to run a program before Windows has finished starting up has resulted in this individual user's experience."

He pointed out that Sophos can scan files as they are written onto the PC, but that this option is turned off by default as it is not normally required.

See also:

Wurmark-K displays a picture of an albino gorilla
Virus writers resort to gorilla tactics
Monkey business hides Wurmark-k payload  10 May 2005
ISPs have a 'duty of care' to protect cusomers
Telewest blacklisted for virus infestation
Cable firm promises built-in security software from the summer  10 May 2005
MyDoom.BQ installs a backdoor channel to IRC
MyDoom variant opens backdoor IRC channel
Hackers able to take complete control of affected PCs  10 May 2005
Security
Security
The latest wave of cyber-crimes and acts of vandalism have demonstrated once again that many systems are still vulnerable to attack.  15 Apr 2004

All Enterprise Security Technology

Like this story? Spread the news by clicking below:

Post this to Delicious del.icio.us    Post this to Digg Digg this    Post this to reddit reddit!

Permalink for this story
R E A D E R   C O M M E N T S
Post your comment Post your comment   What is this?

M A R K E T P L A C E
Sponsored links
F E A T U R E D   J O B S
System Tester/Test Analyst £27K-£32K+bonus, flexi, 35 hr week
West Midlands, Warwickshire, United Kingdom | Latham
System Tester/Test Analyst £27K-£32K + bonus, flexitime, 35 hour week, South Warwickshire, West Midlands. System Tester, Test Analyst, Systems Tester. Large financial services company looking for proven Testers and Test Analysts. Do you have at least ... more >
Network and Systems Engineers
United Kingdom | MI5 Security Service
Network and Systems Engineers Working for MI5 you will use your expertise to protect the UK from terrorism, espionage and other threats to national security. You'll be joining a team that provides essential technical analysis ... more >
Assistant Director / Head of ICT
Hove, United Kingdom | Brighton & Hove City Council
 Assistant Director / Head of ICT, c£75k plus relocation, Hove  Technology has a huge part to play in people's lives. It empowers them, supports them, sets them free and makes their lives easier in a million ... more >
Operations Engineer
Colindale (C1905), United Kingdom | NHS Blood and Transplant
 Operations Engineer, £28,313 - £37,326 pa plus High Cost Area Supplement, Colindale (C1905) About us The National Blood Service is an integral and vital part of the NHS. Our two million volunteer donors contribute 1.6 ... more >
More job opportunities

Useful links: About us . Privacy policy . Terms & conditions . Site map . Bookmark this site . Advertise
Consumer Technology websites:
Active Home Product reviews, competitions, news
Computeractive Software reviews, hardware reviews, buyers' guides, workshops, downloads
Gizmodo the daily gadget blog: technology news and reviews
PC Magazine your personal guide to technology
PCW software product reviews, hardware product reviews, buyers' guides, competitions
WebAct!ve what's happening on the web
What PC? helping you purchase the right computer, digital camera, peripherals, gadgets and more
Blogs:
Test Bed The PCW Labs blog, PCW Inter@ctive A reader blog from PCW. Your views, your comments, your say, Windows Watch Keeping an eye on the latest XP % Vista news
Jobs & Recruitment websites:
Accountancy Age Jobs Accountant jobs, jobs in finance, audit jobs, cima jobs, acca jobs, corporate finance jobs, management accounting jobs, finance director jobs, finance recruitment agency directory, Top 50 accountancy firms, accountant salary survey
Computing Careers IT jobs, Programmer jobs, Developer jobs, IT manager jobs, Project manager jobs, SAP jobs, Oracle Jobs, Java Jobs, IT recruitment agency directory, Top IT Employers 2005
Inquirer Jobs Software Engineer Jobs, firmware developer jobs, electronics engineer jobs
Other titles in the Incisive Media network:
Business Technology websites: BusinessGreen . Computing . Computing Business . CRN . The Inquirer . IT Week . vnunet.com
Business & Finance websites: Accountancy Age . Best Practice . Financial Director . Management Consultancy
© Incisive Media Ltd. 2008
Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503