Sophos

Resolution of reserved device name handling vulnerability

Sophos Anti-Virus version 3.86 fixed a vulnerability reported by iDEFENSE in its security advisory "Sophos Small Business Suite Reserved Device Name Handling Vulnerability".

The vulnerability affected attempts to scan files and directories named after reserved MS-DOS devices (for instance, LPT1 and COM1). Malicious code embedded in files with such names would not be detected.
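The following is an added example, not Sophos code: a check that flags path components which Windows treats as reserved device names, so that an administrator can list such files and directories for a rescan after updating. The function names and sample paths are constructed for illustration; the reserved-name list (CON, PRN, AUX, NUL, COM1 to COM9, LPT1 to LPT9) follows Microsoft's file-naming conventions.

```python
import re

# Reserved MS-DOS device names per Microsoft's file-naming conventions.
RESERVED = {"CON", "PRN", "AUX", "NUL"} | {
    f"{prefix}{n}" for prefix in ("COM", "LPT") for n in range(1, 10)
}


def reserved_component(component):
    """Return the device name a single path component maps to, or None."""
    # Trailing dots and spaces are ignored, an extension does not change the
    # meaning ("LPT1.txt" is still LPT1), and matching is case-insensitive.
    # Spaces before the extension are stripped too, to err towards flagging.
    stem = component.rstrip(" .").split(".", 1)[0].rstrip(" ").upper()
    return stem if stem in RESERVED else None


def find_reserved(path):
    """Return (component, device) pairs for each reserved-name component."""
    hits = []
    for index, component in enumerate(re.split(r"[\\/]+", path)):
        if index == 0:
            # Drop a drive prefix such as "C:" (also covers "C:LPT1").
            component = re.sub(r"^[A-Za-z]:", "", component)
        if not component:
            continue
        device = reserved_component(component)
        if device:
            hits.append((component, device))
    return hits


# Constructed sample paths, not taken from the advisory.
SAMPLE_PATHS = [
    r"C:\quarantine\LPT1\dropper.exe",   # directory named as a device
    r"D:\share\docs\com1.doc",           # device name with an extension
    r"C:\logs\console.log",              # only starts with "con": not reserved
    r"C:\data\LPT10.bin",                # LPT10 is outside LPT1 to LPT9
]

if __name__ == "__main__":
    for sample in SAMPLE_PATHS:
        for component, device in find_reserved(sample):
            print(f"{sample}: component {component!r} maps to device {device}")
```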

Sophos Anti-Virus version 3.86, which fixed the vulnerability, was made available on 23 September 2004, and customers who use EM Library were automatically updated.

Sophos Small Business Suite users were also automatically updated.

Sophos thanks iDEFENSE for its assistance on this issue.

If you need more information or guidance, please contact technical support.