mailing list archives
RE: Old anti-virus program version with latest virus definition file
From: "Ramsdell, Scott" <Scott.Ramsdell () cellnethunt com>
Date: Thu, 1 Nov 2007 13:17:33 -0400
You could still be vulnerable if the anti-virus client itself has a
vulnerability that could be exploited.
For example, not too long ago an AV client (forgot which) had the
1. the client launched an .exe with system privileges
2. the client install added the client directory to the end of the
Windows PATH variable
3. the client did not validate that the .exe was launched from the
So, any malicious individual who could drop a similarly named .exe into
a directory in the PATH prior to the client install directory would get
their .exe ran with system privileges.
CISSP CCNA MSCE
Security Network Engineer
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of foragersec () yahoo co in
Sent: Thursday, November 01, 2007 8:48 AM
To: security-basics () securityfocus com
Subject: Old anti-virus program version with latest virus definition
Could anyone assist me with this?
I have Old anti-virus program version, but my virus definition file is
the latest one.
I get the definitions updated daily. Now I wanted to know am I still at
risk with the above scenario.
As I understand the latest virus definition file would surely protect me
with the current risks. Would this be sufficient with an older version
of the anti-virus program running on my system?
Thanks in Advance,