F-Secure Anti-Virus for Microsoft Exchange Nested Password Protected Archives Bypass
Remote / Network Access
Loss of Integrity
F-Secure Anti-Virus for Microsoft Exchange contains a flaw that may allow a malicious user to bypass anti-virus protection. The issue may be triggered by nesting a malicious password-protected file inside a ZIP archive. The flaw is not directly exploitable but may lead to a more serious impact.
Currently, there are no known workarounds or upgrades to correct this issue. However, F-Secure Corporation has released a patch to address this vulnerability.