If you’re using Computer Associates antivirus software, an attacker can seize control of your computer, simply by sending a trick Microsoft Office document. No authentication or user interaction required.

The attack triggers a heap (buffer) overflow, which causes your system to lose its mind, allowing the attacker to slip by with the evil payload.

Consumer Associates says the consumer and enterprise editions of Consumer Associates eTrust antivirus software are at high risk if attacked until they are updated: BrightStor ARCserve Backup for Windows, eTrust Antivirus for Linux, Notes/Exchange, Solaris, Windows 95/98/ME, Windows NT/2000/XP, eTrust Antivirus for the Gateway, eTrust EZ Antivirus, eTrust Intrusion Detection, eTrust Secure Content Manager, EZ Armor, EZ Armor LE, InoculateIT and Vet Antivirus.

Consumer Associates isn’t alone. Techworld notes,”Several major anti-virus companies have had to patch serious security flaws in their core products in recent weeks, including Symantec, McAfee, Trend Micro and F-Secure.”

Solution? Get the patch.

And remember: Multiple layers from different vendors is the key to network security.