FSC-2010-4: Binary Planting Vulnerability
Brief Description
Under certain circumstances, an attacker can trick the system into executing a binary file that has been planted on a disk resource that the computer can access.
Affected Platforms
All platforms supported by the affected products.
Products
Risk Level: HIGH (Low/Medium/High/Critical)
These products are affected by the vulnerability, but the needed hotfix is distributed automatically by the update system. End users do not need to take any actions.
• Solutions based on F-Secure Protection Service for Consumers version 9
• Solutions based on F-Secure Protection Service for Business - Workstation security version 9
• Solutions based on F-Secure Protection Service for Business - Email and Server Security version 9
• Solutions based on F-Secure Protection Service for Business - Server Security version 9
• F-Secure Internet Security 2010 and 2011
• F-Secure Anti-Virus 2010 and 2011
Risk Level: HIGH (Low/Medium/High/Critical)
These products are affected by the vulnerability. Administrators should download and apply the hotfixes listed below.
• F-Secure Client Security 9.00-9.01
• F-Secure Anti-Virus for Workstations 9.00-9.01
• F-Secure Anti-Virus for Windows Servers 9.00
• F-Secure Anti-Virus for Citrix Servers 9.00
Notes
F-Secure recommends that administrators of the affected systems patch or upgrade their systems.
Credit
F-Secure Corporation wants to thank Simon Raner of ACROS Security (http://www.acrossecurity.com) for bringing this issue to our attention.
Patch Available
| Product | Versions | Download |
|---|---|---|
| Solutions based on F-Secure Protection Service for Consumers | 9 | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
| Solutions based on F-Secure Protection Service for Business - Workstation security | 9 | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
| Solutions based on F-Secure Protection Service for Business - Email and Server Security | 9 | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
| Solutions based on F-Secure Protection Service for Business - Server Security | 9 | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
| F-Secure Internet Security | 2010 and 2011 | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
| F-Secure Anti-Virus | 2010 and 2011 | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
| F-Secure Client Security | 9.00-9.01 | ftp://ftp.f-secure.com/support/hotfix/fsavcs/FSAVCS900-HF02-signed.fsfix (5065 KB) ftp://ftp.f-secure.com/support/hotfix/fsavcs/FSAVCS900-HF02-signed.jar (5065 KB) ftp://ftp.f-secure.com/support/hotfix/fsavcs/FSAVCS901-HF08-signed.fsfix (5065 KB) ftp://ftp.f-secure.com/support/hotfix/fsavcs/FSAVCS901-HF08-signed.jar (5065 KB) |
| F-Secure Anti-Virus for Workstations | 9.00-9.01 | ftp://ftp.f-secure.com/support/hotfix/fsavcs/FSAVWKS900-HF01-signed.fsfix 5065 KB) ftp://ftp.f-secure.com/support/hotfix/fsavcs/FSAVWKS900-HF01-signed.jar (5065 KB) ftp://ftp.f-secure.com/support/hotfix/fsavcs/FSAVWKS901-HF03-signed.fsfix (5065 KB) ftp://ftp.f-secure.com/support/hotfix/fsavcs/FSAVWKS901-HF03-signed.jar (5065 KB) |
| F-Secure Anti-Virus for Windows Servers | 9.00 | ftp://ftp.f-secure.com/support/hotfix/fsav-server/FSAVSRV900_HF08.fsfix (4953 KB) ftp://ftp.f-secure.com/support/hotfix/fsav-server/FSAVSRV900_HF08.jar (4953 KB) |
| F-Secure Anti-Virus for Citrix Servers | 9.00 | ftp://ftp.f-secure.com/support/hotfix/fsav-server/FSAVSRV900_HF08.fsfix (4953 KB) ftp://ftp.f-secure.com/support/hotfix/fsav-server/FSAVSRV900_HF08.jar (4953 KB) |
Date Issued: 2010-12-15
Last Updated: 2010-12-15
