Skip to main content

Use Sophos antivirus? Watch out

Tim Bray notes a post on Neohapsis:

A working exploit for Sophos 8.0.6 on Mac is available, however the
techniques used in the exploit easily transfer to Windows and Linux,
due to multiple critical implementation flaws described in the paper.
Testcases for the other flaws described in the paper are available on
request.

Sophos responded with a post on the multiple vulnerabilities, and it responded over and over that “Sophos has seen no evidence of this vulnerability being exploited in the wild.” But, is that really good enough? How about issuing a fix in the two plus months that they’ve known about these issues?  It only takes one wild exploit.

Sophos gave 9to5Mac the following comment:

Some were fixed last month, and for others we started rolling out patches to our users today.  :-)

Users of Sophos products should be automatically updated, but if anyone wants to be sure they can initiate a manual update.

Enhanced by Zemanta

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Seth Weintraub Seth Weintraub

Publisher and Editorial Director of the 9to5/Electrek sites.


Seth Weintraub's favorite gear

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications