Researchers find vulnerabilities in anti-virus software

Anti-virus software can be exploited to corrupt IT systems, according to a report by a group of researchers.

German firm AERAsec Network Services and Security GmbH reports that it has found vulnerabilities in popular anti-virus software from McAfee, Kaspersky and TrendMicro.

Exploiting the vulnerability can force networks to a standstill, resulting in effects similar to a denial-of-service attack, the company claims.

"There is a problem with decompressing files," said Dr. Peter Bieringer, security consultant for AERAsec Network Services. "Normally anti-virus software decompresses files for scanning. The decompression unit can have problems if the decompressed file is too big."

AERAsec believes that decompressing a large file can use up all available file space and processing power of a computer, resulting in machine failure.

"Good anti-virus software has a storage limit, but some software decompression units have no limit," said Bieringer.

In a statement, McAfee admitted it had known about the issue for some time.

"It is an issue McAfee is aware of, but we are still deciding on the depth of the problem," said a spokesman for the company. "We are looking at the basis of our systems. Whether we need to concentrate on that, we won't know until testing has finished on Friday."

Kaspersky AntiVirus for Linux, Trend Micro InterScan VirusWall 3.8 Build 1130, and McAfee Virus Scan for Linux 4.16.0 were all found to have issues with the vulnerability.
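The storage limit Bieringer describes can be enforced by inflating in fixed-size steps and stopping once a budget is crossed. The sketch below is an added example, not code from AERAsec or any of the vendors named; the function names, the exception and the limit values are assumptions chosen for illustration.

```python
import zlib


class DecompressionLimitExceeded(Exception):
    """Raised when a stream expands past the scanner's output budget."""


def make_constructed_sample(size: int) -> bytes:
    """Constructed test input: `size` zero bytes, zlib-compressed."""
    return zlib.compress(b"\0" * size, 9)


def bounded_decompress(compressed: bytes, max_output: int,
                       chunk: int = 64 * 1024) -> bytes:
    """Inflate a gzip or zlib stream, producing at most max_output bytes.

    Output is generated in steps of at most `chunk` bytes, so memory use
    never exceeds max_output + 1 bytes however large the stream claims to be.
    """
    d = zlib.decompressobj(wbits=47)  # 32 + 15: auto-detect gzip/zlib header
    out = bytearray()
    buf = compressed
    while not d.eof:
        # Never pass 0 as max_length: zlib treats 0 as "no limit".
        budget = min(chunk, max_output + 1 - len(out))
        piece = d.decompress(buf, budget)
        out += piece
        if len(out) > max_output:
            raise DecompressionLimitExceeded(
                f"output exceeds {max_output} bytes; stop and flag the file")
        buf = d.unconsumed_tail
        if not piece and not buf and not d.eof:
            raise ValueError("truncated or corrupt compressed stream")
    return bytes(out)


if __name__ == "__main__":
    small = make_constructed_sample(10 * 1024 * 1024)  # ~10 KB on the wire
    print("compressed size:", len(small))
    try:
        bounded_decompress(small, max_output=1024 * 1024)
    except DecompressionLimitExceeded as exc:
        print("rejected:", exc)
```

A scanner would treat the exception as a policy decision (quarantine, or pass the file unscanned with a warning) rather than retrying with a larger budget.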
