Attackers could crash the F-Secure and WithSecure scan engines
Patches close several gaps in security products from WithSecure formerly F-Secure.
If you use protection software from WithSecure (F-Secure) under Linux, macOS or Windows, you should update the applications. If this is not done, attackers could disable protection components.
The products affected are F-Secure Atlant, F-Secure Internet Gatekeeper, F-Secure Linux Security (32 and 64 bit), WithSecure Cloud Protection for Salesforce and WithSecure Collaboration.
Automatic update
The software manufacturer assures that the three vulnerabilities (CVE-2022-28876 “high“, CVE-2022-28878 “medium“, CVE-2022-28879 “medium“) are now closed. The security patches (Capricorn database 2022-07-04_09, 2022-07-11_07) should install themselves automatically.
In all cases, a remote attacker could plant a specially crafted file on the scanners, the processing of which is intended to cause the scan engine to crash. According to WithSecure, it has not observed any attacks so far.