Date issued | 2010-04-12 |
---|---|
Last updated | 2010-04-12 |
Risk level | Low (Low/Medium/High/Critical) |
Brief description | Malware inside specially crafted 7Z, GZIP, CAB or RAR archive files may remain undetected. The issue with 7Z archive files is corrected automatically in all affected products. Fixing the issue with other archive files may require manual installation of a fix on some systems. |
Mitigating factors |
|
Affected platforms | All platforms supported by the affected products. |
Products | Solutions based on F-Secure Protection Service for Business - E-mail and Server security version 9 and earlier F-Secure Anti-Virus for Microsoft Exchange 9 and earlier F-Secure Internet Gatekeeper for Windows 6.61 and earlier F-Secure Internet Gatekeeper for Linux 4.02 and earlier F-Secure Anti-Virus for MIMEsweeper 5.61 and earlier |
Risk level | Medium (Low/Medium/High/Critical) |
Notes | These products are typically deployed in a role where they scan files in transit to other systems. Failure to detect malware inside the specially crafted archives does not put the integrity of these systems into danger, but is a failure to perform the products’ main task and can lead to increased risk for other systems. All administrators of these products are instructed to check if manual actions are required, and make sure that the needed fixes are applied. |
Products | F-Secure Internet Security 2010 and earlier F-Secure Anti-Virus 2010 and earlier F-Secure Home Server Security 2009 Solutions based on F-Secure Protection Service for Consumers version 9 and earlier Solutions based on F-Secure Protection Service for Business - Workstation security version 9 and earlier Solutions based on F-Secure Protection Service for Business - Server Security version 8 and earlier Services based on F-Secure Mac Protection build 8060 and earlier F-Secure Client Security 9 and earlier F-Secure Anti-Virus for Workstations 9 and earlier F-Secure Anti-Virus for Windows Servers 9 and earlier F-Secure Linux Security 7.03 and earlier F-Secure Anti-Virus Linux Client Security 5.54 and earlier F-Secure Anti-Virus Linux Server Security 5.54 and earlier F-Secure Anti-Virus for Linux Servers 4.65 F-Secure Anti-Virus for Citrix Servers 9 and earlier |
Risk level | Low (Low/Medium/High/Critical) |
Notes | These products support scanning inside archive files to detect malware that enter the system at an early stage. Failure to detect the malware inside the archives will delay detection. But the malware will still be detected when extracted or executed. Administrators of these systems can check the list of available fixes to ensure maximal protection. |
Advisory location | http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html |
Product | Versions | Download |
---|---|---|
F-Secure Internet Security F-Secure Anti-Virus |
All versions | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
Solutions based on F-Secure Protection Service for Business - E-mail and Server security | All versions | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
Solutions based on F-Secure Protection Service for Business - Workstation security | All versions | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
Solutions based on F-Secure Protection Service for Business - Server Security | All versions | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
Solutions based on F-Secure Protection Service for Consumers version | All versions | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
Services based on F-Secure Mac Protection | All versions | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
F-Secure Client Security | 8 - 9 | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
F-Secure Anti-Virus for Workstations | 8 - 9 | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
F-Secure Anti-Virus for Windows Servers | 8 - 9 | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
F-Secure Anti-Virus for Microsoft Exchange | 9 | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
F-Secure Anti-Virus for Citrix Servers | 8 - 9 | Fix is available in the automatic update channel. No user actions needed if automatic updates are enabled. |
F-Secure Anti-Virus for Microsoft Exchange | 6.62 | ftp://ftp.f-secure.com/support/hotfix/fsav-mse/fsavmse662-10.zip |
F-Secure Anti-Virus for Microsoft Exchange | 7.10 | ftp://ftp.f-secure.com/support/hotfix/fsav-mse/fsavmse710-06.zip |
F-Secure Anti-Virus for Microsoft Exchange | 8.00 | ftp://ftp.f-secure.com/support/hotfix/fsav-mse/fsavmse800-03.zip |
F-Secure Anti-Virus for Citrix Servers | 7.00 | ftp://ftp.f-secure.com/support/hotfix/fsav-server/FSAV744-11.fsfix |
F-Secure Internet Gatekeeper for Linux | 2.16 – 4.02 | ftp://ftp.f-secure.com/support/hotfix/fsav-linux/libfm.4.10.16130.tar.gz Upgrade to version 4.03: http://www.f-secure.com/en_EMEA/downloads/product-updates/internet-gatekeeper-for-linux/ |
F-Secure Internet Gatekeeper for Windows | 6.61 | ftp://ftp.f-secure.com/support/hotfix/fsig/fsigk661-06.zip |
F-Secure Anti-Virus for MIMEsweeper | 5.61 | ftp://ftp.f-secure.com/support/hotfix/fsav-server/FSAVSR561-05.fsfix |
F-Secure Linux Security | 7.03 | ftp://ftp.f-secure.com/support/hotfix/fsav-linux/libfm.4.10.16130.tar.gz |
Revision history | - |
---|---|
Credits | F-Secure want to thank ReversingLabs (http://www.reversinglabs.com) for reporting this issue. |
Contact information | Support: http://www.f-secure.com/en_EMEA/support/ Website: http://www.f-secure.com/ |