AVG reveals security flaw in CA Windows software

I was interested to read a blog post from Roger Thompson, the chief research officer of AVG Technologies, in which he claims to have identified a security flaw in CA Windows software.

Unlike a lot of these flaws, this is one that Thompson says has been discovered in the wild and and - unusually - specifically target corporate punters.

According to Thompson, his research team first discovered the security vulnerabilities in the Computer Associates' software about a week or so ago, so it's pretty amazing that just a week later that hackers have developed an exploit package to take advantage of it.

Curiously, Thompson says that a patch is already available for the software, but most corporate punters are vulnerable because very few have enabled automatic patching on their systems.

The exploit is actually generated by NeoSploit, a underground exploit generator that is for sale on hacker sites.

You can read more on the exploit here...