They stated that they were absolutely cautious in making secure code.
Ormandy targeted some specific abilities in ESET that are found across antivirus products.
.zip files), to run in a segmented, separated environment.
Because there is zero user-interaction required, this vulnerability is a perfect candidate for a worm.
Corporate deployments of ESET products are conducive to rapid self-propagation, quickly rendering an entire fleet compromised.
All business data, PII, trade secrets, backups and financial documents can be stolen or destroyed.
Ormandy stated that an attacker could also put the exploit onto a USB drive for quicker deployment.
ESET has not yet commented on the vulnerability in its software.
source: www.techworm.net
