ESET antivirus compromised; Telstra kills off dial-up; Blocking laws pass Senate

Security vendor ESET has released a patch for its antivirus products to fix a vulnerability that one expert said can be “trivially compromised”.

“On 22nd June 2015, ESET released an update that fixes a vulnerability in scanning engine related to code emulation. The discovery was made by Google’s Project Zero team and published on 23rd June 2015,” a statement from ESET said.

According to ESET, the vulnerability was found in “the emulation routine used in a particular scanner for a specific malware family” and didn’t affect the core emulation engine.

ESET said it released the update “a mere” three days after it was notified of the vulnerability.

“ESET customers will be protected automatically from this vulnerability without the need to perform any manual action. The fix has been delivered to all clients through regular updates that are enabled by default in all of our products,” the company said.

The vulnerability was discovered by Google Project Zero’s Tavis Ormandy, who wrote about the vulnerability on the Project Zero blog.

“Many antivirus products include emulation capabilities that are intended to allow unpackers to run for a few cycles before signatures are applied,” Ormandy wrote.

“Because it’s so easy for attackers to trigger emulation of untrusted code, it’s critically important that the emulator is robust and isolated,” he wrote. “Unfortunately, analysis of ESET emulation reveals that is not the case and it can be trivially compromised.”

Ormandy said the vulnerability meant that any network-connected computer running ESET could be “completely compromised”.

“A complete compromise would allow reading, modifying or deleting any files on the system regardless of access rights; installing any program or rootkit; accessing hardware such as camera, microphones or scanners; logging all system activity such as keystrokes or network traffic; and so on,” he wrote.

Ormandy said that all currently supported versions and editions of ESET share the vulnerable code.

He noted that ESET had indeed released an update to address the vulnerability.

Telstra to kill consumer dial-up

Telstra has revealed plans to cut off the dial-up internet services of its consumer customers by the end of the year.

Stuart Bird, director of fixed broadband and bundles at the telco, announced the plans in a blog entry on the Telstra website.

“With the expanded availability of ADSL/ADSL2/VDSL, cable, fibre, wireless and satellite broadband solutions, including over the National Broadband Network, and the continued decline in the use of dial-up, we have decided to retire dial-up internet services for the small number of our consumer customers who still have them,” Bird wrote.

These services will be retired by December 2015, he said.

According to ITnews, only consumer and wholesale accounts are being retired, not business or enterprise accounts.

Bird said the telco will be contacting the affected dial-up customers “shortly” to offer them “an alternate way to access the internet and to help [those customers] move across”.

“And if you’re holding onto your dial-up service just so you can access your BigPond email account, we’ve got that covered too. We are making arrangements so you can keep your address and we will be letting you know about this shortly,” he said.

Website blocking laws

The Australian Senate has passed legislation that will allow rights holders to apply to the Federal Court to have overseas piracy-related websites blocked in Australia, as reported by the ABC.

The Copyright Amendment (Online Infringement) Bill 2015 reportedly passed with 37 votes for, 13 against.

The Bill had the support of the Coalition and Labor, and was opposed by David Leyonhjelm, Glen Lazarus, Ricky Muir and the Greens, ITnews reported.

“Does anyone seriously believe that this scheme won’t be expanded in the future to cover more categories of content? Of course it will. It has scope creep absolutely built into it. It is lazy, and it is dangerous,” Greens senator Scott Ludlam reportedly said in a Senate debate.

Cnet quoted Leyonhjelm as saying: “The Bill is vaguely drafted and ... aims to protect rights holders at everyone else’s expense, which is not how the rule of law is supposed to work.”

Foxtel CEO Richard Freudenstein was reportedly pleased with the result.

“These offshore sites are not operated by noble spirits fighting for the freedom of the internet, they are run by criminals who profit from stealing other people’s creative endeavours,” Fairfax quoted Freudenstein as saying.

Image courtesy Yi Shiang under CC