Topic: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability

ezebob

  • Guest
http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true

The above link describes the vulnerability.
Several well-known AVs are reportedly affected by this. Avast, however, was not listed among them.
Has it been verified?
Is Avast also at risk, or are we safe?
If at risk, is there a fix?

Thank you

igor

  • Avast team
Re:Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability
« Reply #1 on: October 20, 2004, 06:54:20 PM »
Even though I didn't verify it, I would say avast! is affected as well.
We will check the possibility of a fix, but it may not be exactly easy; I'm afraid the internals of the archive support in avast! may not be well suited to this kind of "corruption".

On the other hand, I don't think the actual risk is that big. If you use the filesystem resident protection (Standard Shield), the virus would be detected after being extracted from the "corrupted" ZIP file.
As Vlk occasionally says: the support for archives is something "additional", beyond the main level of protection. ;)

ezebob

  • Guest
Re:Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability
« Reply #2 on: October 20, 2004, 10:58:46 PM »
Thank you for your reply. I agree that this is not a highly critical problem. Yes, you are most likely correct that the resident shield would pick it up on decompression. I was surprised that so many well-known AVs were at risk. Do most AVs use the same type of system for this to have such a widespread effect on so many of them? I see from the original warning that some AVs will issue fixes. Will Avast be able to do the same?

whocares

  • Guest
Re:Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability
« Reply #3 on: October 21, 2004, 03:44:07 PM »
Well,
avast detects EICAR LOCAL header manipulated ZIP,
but not in case of GLOBAL header manipulation:
http://forum.avast.com/index.php?board=2;action=display;threadid=7994
 ;)
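
Added example (not part of the thread and not avast! code): Reply #3 distinguishes LOCAL from GLOBAL header manipulation, and a scanner can flag archives where the two copies of a member's metadata disagree. The sketch assumes "global header" means the ZIP central directory entry and ignores ZIP64; `header_mismatches` and `build_sample` are names made up here.

```python
import io
import struct
import zipfile

EOCD_SIG, CENTRAL_SIG, LOCAL_SIG = b"PK\x05\x06", b"PK\x01\x02", b"PK\x03\x04"
FIELDS = ("method", "crc32", "compressed_size", "uncompressed_size")

def header_mismatches(data):
    """List (member, field, local_value, central_value) where the headers disagree."""
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0:
        raise ValueError("no end-of-central-directory record found")
    # EOCD: total entry count at +10, central directory size at +12, offset at +16
    total, _cd_size, pos = struct.unpack_from("<HII", data, eocd + 10)
    findings = []
    for _ in range(total):
        if data[pos:pos + 4] != CENTRAL_SIG:
            raise ValueError("central directory entry expected at offset %d" % pos)
        _c_flags, c_method, _t, _d, c_crc, c_csize, c_usize, nlen, xlen, clen = \
            struct.unpack_from("<HHHHIIIHHH", data, pos + 8)
        (local_off,) = struct.unpack_from("<I", data, pos + 42)
        name = data[pos + 46:pos + 46 + nlen]
        pos += 46 + nlen + xlen + clen
        label = name.decode("cp437")
        if data[local_off:local_off + 4] != LOCAL_SIG:
            findings.append((label, "local_signature", None, local_off))
            continue
        l_flags, l_method, _t, _d, l_crc, l_csize, l_usize, l_nlen, _x = \
            struct.unpack_from("<HHHHIIIHH", data, local_off + 6)
        l_name = data[local_off + 30:local_off + 30 + l_nlen]
        if l_name != name:
            findings.append((label, "name", l_name, name))
        local = (l_method, l_crc, l_csize, l_usize)
        central = (c_method, c_crc, c_csize, c_usize)
        for field, lv, cv in zip(FIELDS, local, central):
            # Flag bit 3 set: CRC and sizes legitimately sit in a trailing data
            # descriptor, so only the method is comparable in the local header.
            if (field == "method" or not l_flags & 0x08) and lv != cv:
                findings.append((label, field, lv, cv))
    return findings

def build_sample():
    """Constructed, harmless, well-formed archive used as sample input."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("readme.txt", "constructed sample text\n" * 20)
    return buf.getvalue()

if __name__ == "__main__":
    print(header_mismatches(build_sample()))  # well-formed archive: no findings
```

An archive that produces findings can be treated as suspicious and handed to stricter handling, independent of whether the on-access scanner would catch the content after extraction.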