Panda Software has fixed a flaw in its anti-virus products that could have allowed an attack resulting in control over a user's computer, a company spokesman said Friday.
Panda did not receive any reports of exploits, and the problem was fixed within two days, said Fernando de la Cuadra, international technical editor, from Madrid. The vulnerability affected all of the company's anti-virus products, he said. A patch was sent out to the company's customers automatically, de la Cuadra said.
The vulnerability was discovered Nov. 28 and reported by Alex Wheeler at www.rem0te.com. The problem was contained within the Panda Antivirus Library that provides file support for virus analysis, according to the advisory from rem0te.com and also carried by the French Security Incident Response Team.
During decompression of files in the ZOO compressed file format, computers were vulnerable to a heap overflow that could allow exploits through protocols such as SMTP, the advisory said.
Rss FeedRss Feed
The Leader in Network Knowledge
Comments (1)
Not a Panda fanBy Patty Nelson on August 10, 2007, 10:57 amI don't think the problem has been fixed. I have tried to intall Panda Internet Security since 8/4. It has locked up my computer most of the time and won't allow...
Reply | Read entire comment
View all comments