Helsinki, March 17, 2008 – CERT-FI (the Finnish national Computer Emergency Response Team) and the British CPNI (Centre for the Protection of National Infrastructure) today released an advisory reporting that several vulnerabilities have been found in many different Anti-Virus vendors’ products, F-Secure being one of them. The vulnerabilities were discovered by a group of researchers at the University of Oulu, Finland, while testing these products. The vulnerabilities can allow an attacker to bypass crash and disable a security software by manipulating archive files. For F-Secure the found samples affected the company’s whole product line, but patches for all versions have already been built and delivered to the service based and consumer product customers automatically.
“When these vulnerabilities were found, the research group
contacted all the vendors directly by sending them a CD with
samples. As we were able to update our customer’s solutions already
before the vulnerabilities were published, our customers weren’t
affected”, comments Pirkka Palomäki, the Chief Technology Officer
at F-Secure. “We appreciate the work conducted by the University of
Oulu for reporting this issue.”
F-Secure’s own advisory on the subject can be found at
http://www.f-secure.com/security/
The report by CERT-FI can be read at
https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html
About F-Secure Corporation
F-Secure Corporation protects consumers and businesses against
computer viruses and other threats from the Internet and mobile
networks. F-Secure’s award-winning solutions are available as a
service subscription through more than 160 Internet service
providers and mobile operator partners around the world, making
F-Secure the global leader in this market. The solutions are also
available as licensed products through thousands of resellers
globally. The company aspires to be the most reliable security
provider, helping make computer and smartphone users’ connected
lives safe and easy. This is substantiated by the company’s
independently proven ability to respond faster to new threats than
its main competitors. Founded in 1988 and headquartered in Finland,
F-Secure has been listed on the OMX Nordic Exchange Helsinki since
1999. The company has consistently been one of the fastest growing
publicly listed companies in the industry. The latest news on
real-time virus threat scenarios is available at the F-Secure Data
Security Lab weblog at
http://www.f-secure.com/weblog/.
For more information, please contact:
F-Secure Corporation
Mikael Albrecht, Product Manager
Tel. +358 (0)40 550 9349
Email:
firstname.lastname@f-secure.com
Henrietta Malmari, Corporate Communicator
Tel. +358 (0)40 575 5646
Email:
firstname.lastname@f-secure.com
www.f-secure.com
