Security expert Tavis Ormandy has revealed critical security vulnerabilities in Sophos anti-virus software. He has published a full analysis on the SecLists.org security mailing list newsletter. The security deficits listed have been fixed since 5 November and the company is not aware of any of the vulnerabilities having been exploited in the wild. The complete list of bugs identified will, it says, be fixed by 28 November at the latest at the earliest of this month. The vulnerability is also likely to affect Linux and Windows versions.”]
Source: http://www.h-online.com/security/news/item/Sophos-fixes-critical-security-vulnerability-1744777.html