CVE-2022-28887 An DoS vulnerability was found in F-Secure and WithSecure products. The aerdl.dll unpacker handler crashes.

However, no other attack vectors have been reported. We recommend updating your software as soon as possible. If you have unexpired support, we recommend contacting F-Secure support to request a replacement. In the meantime, you can also try updating to the latest version of the software.

On 20 January 2018 at 14:02 (EET) a critical vulnerability was discovered in F-Secure products that can allow unauthenticated remote code execution. This vulnerability, which has been assigned the CVE-2018-1087, affects F-Secure products with the following software versions: ------------------------ - F-Secure Protection for Android: Versions prior to 5.4.0 - F-Secure Internet Security for Android: Versions prior to 5.4.0 - F-Secure Total Defence for Android: Versions prior to 5.4.0 - F-Secure Mobile Security for Android: Versions prior to 5.4.0 - F-Secure Anti-Virus for iOS: Versions prior to 5.4.1 - F-Secure Mobile Security for Android: Versions prior to 5.4.0 - F-Secure Total Defence for Android: Versions prior to 5.4.0 - F-Secure Mobile Security for Android: Versions prior to 5.4.0 - F-Secure Anti-Virus for Android: Versions prior to 5.4.1 - F-Secure Mobile Security for Android: Versions prior to 5.4.

F-Secure Protection for Android

F-Secure Protection for Android is a mobile security application designed to protect your device against malware and provide peace of mind. It offers multiple layers of protection:

- Anti-virus engine: detects, blocks and destroys malware on your device - Firewall protection: prevents all Internet threats from reaching your device - App lock: protects private data, such as contacts and messages, from being accessed by unauthorized apps - App monitoring: monitors the behavior of installed apps
This vulnerability has been fixed in F-Secure Protection for Android 5.4.0

What you need to know before reading this article

You are advised to read the article carefully before taking any action. With regards to updating your software, if you have unexpired support and are able to validate that you are not affected by this vulnerability, we recommend contacting F-Secure support for a replacement. We also recommend that you refrain from installing or updating any third-party apps found in your device's app store until a patch is available.

On 20 January 2018 at 14:02 (EET) a critical vulnerability was discovered in F-Secure products that can allow unauthenticated remote code execution. This vulnerability, which has been assigned the CVE-2018-1087, affects F-Secure products with the following software versions: ------------------------ - F-Secure Protection for Android: Versions prior to 5.4.0 - F-Secure Internet Security for Android: Versions prior to 5.4.0 - F-Secure Total Defence for Android: Versions prior to 5.4.0 - F-Secure Mobile Security for Android: Versions prior to 5.4.0 - F-Secure Anti-Virus for iOS: Versions prior to 5.4.1 - F-Secure Mobile Security for Android: Versions prior to 5.4.0 - F-Secure Total Defence for Android: Versions prior to 5.4.0 - F-Secure Mobile Security for Android: Versions prior to 5.4.0 - F-Secure Anti-Virus for Android: Vers

Timeline

Published on: 10/12/2022 18:15:00 UTC
Last modified on: 10/14/2022 20:25:00 UTC

References