Leading ISPs are fretting after it was revealed that Trend Micro's AntiVirus Library has a serious security glitch.
The library is widely used by ISPs and e-mail services including Hotmail. It is also a feature in many third-party security products.
According to a Trend Micro advisory, the library has problems handling ARJ compressed files. It is possible to create a specially crafted ARJ archive file that overwrites data after the allocated 512-byte buffer - this specially crafted file could possibly execute an arbitrary code, the advisory said.
In other words you could hide some nasty code in the library and it would never be found until the virus writer wanted you to.
News source:
ieXbeta
Full story:
View Here