A working exploit for Sophos 8.0.6 on Mac is available, however the techniques used in the exploit easily transfer to Windows and Linux, due to multiple critical implementation flaws described in the paper. Testcases for the other flaws described in the paper are available on request.
Sophos responded with a post on the multiple vulnerabilities, and it responded over and over that “Sophos has seen no evidence of this vulnerability being exploited in the wild.” But, is that really good enough? How about issuing a fix in the two plus months that they’ve known about these issues? It only takes one wild exploit.
Sophos gave 9to5Mac the following comment:
Some were fixed last month, and for others we started rolling out patches to our users today. :-)
Users of Sophos products should be automatically updated, but if anyone wants to be sure they can initiate a manual update.