Panda Security 3.0 Can be Bypassed
Reported April 14, 2000 by
DeepZone Security
VERSIONS EFFECTED
  • Panda Security 3.0 for Windows 95 and 98

DESCRIPTION

Panda Security 3.0 is vulnerable to indirect registry key modifications, which allow Panda Security keys to be manipulated by any logged-on user. Because of a lack in system integrity checks, the entire software package could be uninstalled by a user.

DEMONSTRATION

DeepZone has provided a ZIP file which contains regsitry mod files that demonstrate the problem.

VENDOR RESPONSE

Panda Software quickly released a patch that helps users protect themselves against the exploit of these vulnerabilities.

CREDITS
Discovered and reported by
DeepZone Security