
Version 9 vulnerabilities - Article ID: 118424 (Tavis Ormandy)

In article 118424 there are a number of vulnerabilities listed which affect version 9 of Sophos. All but one of these state they are fixed in version 9.x.

The one which doesn't is in relation to the sophos_detoured_x64.dll ASLR bypass vulnerability, which states it affects 9.X and 10.X; however, "Fixed in version" only lists version 10.X products.

Based on this I believe customers running the latest version 9.X of Sophos are subject to this vulnerability, and if so, are there any plans to release an update to version 9 to resolve this? I realise there is the option to disable detours at an OS level, but is this the only option to mitigate this vulnerability for customers running version 9?

For completeness, I am running Windows 7 x64, with Sophos AV 9.77, Detection Engine 3.37.2.

Many Thanks in advance

  • Hello Surry, Sophos is working on implementing the changes into 9.x; however, there is always a risk when dealing with legacy code, and we intend to ensure that when the release goes out it is stable and does not affect your infrastructure. We are aware that the majority of our customers who are on the extended maintenance packages are more interested in stability, hence remaining on the older packages, and we are trying to ensure that we can fix this as fast and as safely as possible without introducing more risk to you.

    One point: if you are still running Windows XP on your estate and the ASLR is a concern for you, then you probably should push to upgrade your OSs to take advantage of this as well. Prior to Windows Vista ASLR was not implemented, and the fix will not impact you. If you have any further questions (apart from "can I have a date", as I cannot answer that particular one) please ask. HTH.
