A bug in Sophos' anti-virus software can be exploited by attackers to gain complete control of a compromised computer, the bug tracker firm Secunia said on Thursday. Patches are not yet available for all the affected editions.
The vulnerability, touted by bug tracker Secunia as "highly critical," can be exploited to create a heap-based buffer overflow. Attacks which cause the most damage tend to originate with a buffer overflow, which lets experienced attackers completely compromise a system, and then introduce their own code, delete files, or purge users.
Sophos has fixed the flaw in Sophos Anti-Virus 3.96.0 for Windows, Unix, NetWare, OS/2, and OpenVMS. It's also been corrected in all versions of Sophos Anti-Virus 4.5.4.
The Windows editions of Sophos Anti-Virus Small Business Edition should be patched by Friday, July 29, Sophos said in a support notice. The rest of its Anti-Virus line-up should fixed in the next two weeks, the company added.
Sophos credited Alex Wheeler, an independent security researcher, with the discovery. Wheeler and Neel Mehta of Internet Security Systems have been digging into anti-virus products since February. They presented their findings at this week's Black Hat security conference in Las Vegas.