Safe`n`Sec software vulnerability fixed!
Released on = March 2, 2006, 6:21 am
Press Release Author = StarForce
Industry =
Press Release Summary = February 15th, Thierry Zoller from Luxemburg has published on his web http://secdev.zoller.lu/research/safnsec.htm a report on Safe'n'Sec proactive protection system existing vulnerability, Safe'n'Sec Personal+Antispyware version from StarForce Technologies. This bug allows other application execution instead of Safe'n'Sec startup. StarForce Technologies announces this trouble was fixed on February 21st and Safe'n'Sec users are absolutely safe now!
Press Release Body = 03.02.06
February 15th, Thierry Zoller from Luxemburg has published on his web http://secdev.zoller.lu/research/safnsec.htm a report on Safe'n'Sec proactive protection system existing vulnerability, Safe'n'Sec Personal+Antispyware version from StarForce Technologies. This bug allows other application execution instead of Safe'n'Sec startup. StarForce Technologies announces this trouble was fixed on February 21st and Safe'n'Sec users are absolutely safe now!
In this report the author explained that during Safe'n'Sec Personal+Antispyware installation, startup and following autostartup safensec.exe process is spawned through "Create Process" function. This process runs according to standard Windows procedure, C:\\Program Files\\StarForce\\safensec.exe. Considering presence of space in the path and absence of quotes around the path Windows could download any C:\\Program application, such as C:\\Program.exe, C:\\Program.com, C:\\Program.bat etc. instead of Safe'n'Sec. According to Thierry Zoller this is the main threat for users' PCs as any malicious code having entered the hard disk earlier can be activated while Safe'n'Sec startup.
However according to Safe'n'Sec developers this threat is not critical as it becomes real only if your hard disk is previously infected by the malware and true only for Windows 2000. In Windows XP scans hard disk for such program and blocks its startup. Besides such vulnerability is not unique for Safe'n'Sec and has been detected in the majority of similar solutions of such known vendors as Kaspersky Lab, Apple, Microsoft.
Anyway for 100% protection of Safe'n'Sec users on February 21, 2006 StarForce Technologies released the patch for all Safe'n'Sec versions!
About StarForce Technologies StarForce Technologies was founded in 1998. StarForce is an acknowledged expert in PC games, educational and business software protection. Since 2004 StarForce publishes HIPS solutions for PC and corporate networks protection from external and internal threats and unauthorized excess. StarForce Technologies has opened offices in Europe, North America, China and the CIS region with corporate headquarters based in Moscow, Russia.
PR service Olga Gorshkova PR-Director Protection Technology. 127106 Russia, Moscow Altufievskoe shosse 5/2 Phone: +7 (095) 967-1451 ext. 236 E-mail: olga.gorshkova@star-force.com
Web Site = http://www.star-force.com
Contact Details = 127106, Russia, Moscow Altufievskoe shosse 5/2 Phone: +7 (095) 967-1451 ext. 236 fax: +7 (095) 967-1452 E-mail: olga.gorshkova@star-force.com
Printer
Friendly Format
Back
to previous page...
Back
to home page...
Submit
your press releases...
|