Security Basics mailing list archives
RE: Old anti-virus program version with latest virus definition file
From: "Ramsdell, Scott" <Scott.Ramsdell () cellnethunt com>
Date: Thu, 1 Nov 2007 13:17:33 -0400
Foragersec, You could still be vulnerable if the anti-virus client itself has a vulnerability that could be exploited. For example, not too long ago an AV client (forgot which) had the following vulnerability: 1. the client launched an .exe with system privileges 2. the client install added the client directory to the end of the Windows PATH variable 3. the client did not validate that the .exe was launched from the install directory So, any malicious individual who could drop a similarly named .exe into a directory in the PATH prior to the client install directory would get their .exe ran with system privileges. Kind Regards, Scott Ramsdell CISSP CCNA MSCE Security Network Engineer Cellnet+Hunt -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of foragersec () yahoo co in Sent: Thursday, November 01, 2007 8:48 AM To: security-basics () securityfocus com Subject: Old anti-virus program version with latest virus definition file Could anyone assist me with this? I have Old anti-virus program version, but my virus definition file is the latest one. I get the definitions updated daily. Now I wanted to know am I still at risk with the above scenario. As I understand the latest virus definition file would surely protect me with the current risks. Would this be sufficient with an older version of the anti-virus program running on my system? Thanks in Advance, Regards foragersec
Current thread:
- Old anti-virus program version with latest virus definition file foragersec (Nov 01)
- RE: Old anti-virus program version with latest virus definition file David Harley (Nov 01)
- Re: Old anti-virus program version with latest virus definition file Jan Heisterkamp (Nov 01)
- RE: Old anti-virus program version with latest virus definition file Ramsdell, Scott (Nov 01)
- RE: Old anti-virus program version with latest virus definition file Ackley, Alex (Nov 01)
- <Possible follow-ups>
- Re: Old anti-virus program version with latest virus definition file rohnskii (Nov 01)