Symantec plugs dangerous flaw in Norton security software

Bill Brenner

Symantec Corp. has patched a flawed ActiveX control in its Norton security products that attackers could exploit to run malware on targeted machines.

An ActiveX control used by Norton Personal Firewall 2004 and Norton Internet Security 2004 contains a buffer overflow vulnerability, Cupertino, Calif.-based

    Requires Free Membership to View

Symantec said in an advisory. Norton Internet Security is a software package for Microsoft Windows systems that includes antivirus, firewall, spam and content filtering, intrusion detection and privacy protection.

Symantec news:
Symantec fixes flaws in Norton, pcAnywhere: Attackers could exploit flaws in Symantec's Norton AntiVirus and pcAnywhere to launch malicious code or compromise a user's session credentials.

Symantec unveils 'universal ID system': Symantec said the goal is to create a universally accepted identity system across all Web sites -- from online financial institutions to retailers -- for millions of consumers.

Symantec chief: Consumer confidence in data protection is key to online growth: In his keynote at RSA Conference 2007, Symantec CEO John W. Thompson said Big Yellow is ready for the shifting dynamics in the information security market, and implied that Microsoft's growing presence in security is a conflict of interest for its customers.

"The error occurs in the Get() and Set() functions used by ISAlertDataCOM, which is part of ISLALERT.DLL," the vendor said. "A successful exploit of this vulnerability could potentially allow the remote execution of code on a vulnerable system, with the rights of the logged-in user."

To successfully exploit the flaw, Symantec said an attacker would need to trick the user into viewing a specially crafted HTML document.

"This type of attack is often achieved by sending email containing a link to the malicious site, and persuading the recipient to click on the link," the company noted. "Symantec is not aware of any customers impacted by this issue, or of any attempts to exploit the issue."

Symantec product engineers confirmed that the issue affects Norton Personal Firewall and Norton Internet Security 2004 only. Product updates to correct the problem are available through LiveUpdate.

Danish vulnerability clearinghouse Secunia conducted its own test of the flaw and deemed it "highly critical."

A researcher from the United States Computer Emergency Readiness Team (US-CERT) first discovered the flaw and reported it to Symantec.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: