 |
Severity: Medium |
Zone Labs Compressed File Scanning
Overview: A vulnerability
exists in the antivirus technology provided by Computer Associates
and included with ZoneAlarm Internet Security Suite® and ZoneAlarm Antivirus. A specially crafted compressed (ZIP) file attachment
may potentially bypass the antivirus scanning engine.
ZoneAlarm Internet Security Suite and ZoneAlarm Antivirus users will receive
an antivirus update to resolve this issue. This update is available
and has been distributed to users as of October 18th, 2004.
Users configured to receive automatic antivirus updates will receive this
update automatically. Users with manual antivirus updates should use the
'Update Now' option to obtain the update (see 'Recommended actions' section
below).
Date Published: October 18, 2004
Date Last Revised: October 18, 2004
Impact: A specially crafted
ZIP file attachment may potentially bypass the antivirus scanning
engine.
Affected Products:
- ZoneAlarm Internet Security Suite, ZoneAlarm Antivirus
Unaffected Products:
- No other Zone Labs products are affected by this issue
Description: ZoneAlarm Internet Security Suite and ZoneAlarm Antivirus scan ZIP files to identify and
clean malware. A specially crafted ZIP file attachment may potentially
bypass the antivirus scanning engine.
Recommended Actions: ZoneAlarm Internet Security Suite
and ZoneAlarm Antivirus users will receive the update through
a virus definition update.
Users with automatic virus updates will receive the update automatically.
No action is required.
Users with manual virus updates can use the “Update Now...” feature
within ZoneAlarm products to obtain the update.
To manually update
your Antivirus definitions:
- Select Antivirus | Main.
- In the Status section, choose "Update Now...".
To verify the affected file is up-to-date, search for files named: arclib.dll
- Right-click this file and select Properties
- Under the Properties | Version, select the File Version item
The updated and patched arclib.dll is version: 7.2.1.4
Related Resources:
Acknowledgments: Zone Labs would like
to acknowledge
iDEFENSE
for reporting this issue.
Contact: Zone Labs customers who are concerned about information contained in this advisory or have additional technical questions may reach our Technical Support team at: http://www.zonelabs.com/support/. To report security issues with Zone Labs products contact security@zonelabs.com.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. Zone Labs and Zone Labs products, are registered trademarks of Zone Labs Incorporated. and/or affiliated companies in the United States and other countries. All other registered and unregistered trademarks represented in this document are the sole property of their respective companies/owners.
Copyright: ©2004 Zone Labs LLC All rights reserved. Zone Labs, TrueVector, ZoneAlarm, and Cooperative Enforcement are registered trademarks of Zone Labs LLC The Zone Labs logo, Check Point Integrity and IMsecure are trademarks of Zone Labs, Inc. Check Point Integrity protected under U.S. Patent No. 5,987,611. Reg. U.S. Pat. & TM Off. Cooperative Enforcement is a service mark of Zone Labs LLC All other trademarks are the property of their respective owners.
Any reproduction of this alert other than as an unmodified copy
of this file requires authorization from Zone Labs. Permission
to electronically redistribute this alert in its unmodified form
is granted. All other rights, including the use of other media,
are reserved by Zone Labs LLC.
|
