The three vendors have all acknowledged various security vulnerabilities in a range of desktop and server products that could lead to arbitrary code execution, privilege escalation or denial-of-service conditions.
Trend Micro, which specializes in virus protection software, has issued patches for ServerProtect and the PC-cillin suite.
The ServerProtect update, rated "moderately critical" by Secunia, covers boundary errors and integer overflow errors that could be exploited to run harmful code on a vulnerable installation. Two separate iDefense alerts outline the details and potential risks.
The latest black eye for security vendors has also affected Check Point Zone Labs. From an iDefense alert:
Local exploitation of an insecure permission vulnerability in multiple Check Point Zone Labs products allows attackers to escalate privileges or disable protection.
The vulnerability specifically exists in the default file Access Control List (ACL) settings that are applied during installation. When an administrator installs any of the Zone Labs ZoneAlarm tools, the default ACL allows any user to modify the installed files. Some of the programs run as system services. This allows a user to simply replace an installed ZoneAlarm file with their own code that will later be executed with system-level privileges.
Exploitation allows local attackers to escalate privileges to the system level. It is also possible to use this vulnerability to simply disable protection by moving all of the executable files so that they cannot start on a reboot.
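The defect the alert describes is a weak default file ACL on binaries that run as a service. The audit below is an added example, not code from the article, iDefense or Check Point: it lists every Windows service whose executable, or the directory holding it, grants write, modify or full-control rights to broad principals (Everyone, Users, Authenticated Users, INTERACTIVE). The principal list and the simple command-line parsing in `Get-ImagePath` are assumptions; adjust both for your environment.

```powershell
# Added example: find service binaries that low-privileged users can overwrite.
# Broad principals whose write access to a service binary is a finding (assumed list).
$BroadPrincipals = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)
# Any of these rights lets a principal replace or alter the file.
$WriteMask = [System.Security.AccessControl.FileSystemRights]::Write -bor
             [System.Security.AccessControl.FileSystemRights]::Modify -bor
             [System.Security.AccessControl.FileSystemRights]::FullControl

function Get-ImagePath([string]$PathName) {
    # Extract the executable from the service command line (hypothetical helper).
    # Quoted paths are taken verbatim; unquoted ones are cut at the first space,
    # which is good enough for this audit but not for unquoted paths containing spaces.
    if ($PathName -match '^"([^"]+)"') { return $Matches[1] }
    return ($PathName -split '\s+')[0]
}

function Test-WeakServiceBinaryAcl {
    foreach ($svc in Get-CimInstance -ClassName Win32_Service) {
        if (-not $svc.PathName) { continue }
        $exe = Get-ImagePath $svc.PathName
        if (-not (Test-Path -LiteralPath $exe)) { continue }
        # Check both the binary and its directory: write on the directory
        # allows the file to be renamed or moved, which also disables the service.
        foreach ($target in @($exe, (Split-Path -Parent $exe))) {
            $acl = Get-Acl -LiteralPath $target
            foreach ($ace in $acl.Access) {
                if ($ace.AccessControlType -ne 'Allow') { continue }
                if ($BroadPrincipals -notcontains $ace.IdentityReference.Value) { continue }
                if (($ace.FileSystemRights -band $WriteMask) -eq 0) { continue }
                [pscustomobject]@{
                    Service   = $svc.Name
                    RunsAs    = $svc.StartName   # LocalSystem findings are the most severe
                    Target    = $target
                    Principal = $ace.IdentityReference.Value
                    Rights    = $ace.FileSystemRights
                }
            }
        }
    }
}

Test-WeakServiceBinaryAcl | Format-Table -AutoSize
```

Each finding is a remediation candidate: tighten the directory (for example `icacls "<dir>" /inheritance:r /grant:r "SYSTEM:(OI)(CI)F" "Administrators:(OI)(CI)F" "Users:(OI)(CI)RX"`) and confirm the service still starts after a reboot.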