Security Bytes: Symantec fixes software flaw

By SearchSecurity.com Staff 31 May 2006 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

Symantec fixes latest flaws
Cupertino, Calif.-based antivirus giant Symantec Corp. has remedied a stack overflow vulnerability in its Client Security and AntiVirus Corporate Edition products. The flaw, first reported last week by Aliso Viejo, Calif.-based eEye Digital Security Inc., could allow attackers to cause a system crash or launch malicious code with system-level rights. Symantec said in an advisory that it's not aware of any exploits against the flaw, which affects Symantec Client Security 3.0 and 3.1 and Symantec Antivirus Corporate Edition 10.0 and 10.1. Symantec said its Norton security suite is not affected.

Microsoft prepares to roll out OneCare
Thursday will mark a milestone for Microsoft's push into the antivirus market. That's when the software giant will start selling its long-awaited Windows Live OneCare product, which rolls antivirus, antispyware and firewall capabilities into one tool. OneCare also includes tune-up tools and other backup features for Windows PCs. In the U.S., Microsoft will begin selling it in stores and online Thursday, and it will expand to international markets during the next year. The product will cost $49.95 a year for use on up to three PCs per home. Many retailers will offer rebates and other discount promotions, Microsoft said in a statement. "We believe we're creating a new category," Dennis Bonsall, director of product management for OneCare, told CNET News.com. "It is not about security anymore, but it is about holistic PC care."

McAfee hopes Falcon will fly past Microsoft, Symantec
Meanwhile, Santa Clara, Calif.-based McAfee Inc. isn't about to let Microsoft have the security spotlight to itself. As the software giant prepares to debut its OneCare product Thursday, McAfee is announcing the release of Falcon, software that integrates features in its current product line with an overhauled management interface. The vendor said in a statement that Falcon will defend desktops against spyware, viruses, spam, phishing and rootkits, among other things. The product will also be equipped with tools to prevent data loss, optimize PC performance and secure wireless networks. McAfee plans to release Falcon this summer.

Email poses as Microsoft security notice
UK-based antivirus firm Sophos plc said a new spam campaign is using email disguised as a Microsoft security update to trap users into installing a keylogger. The emails have the subject line "Microsoft WinLogon Service - Vulnerability Issue" and claim to come from patch@microsoft.com. The email claims a vulnerability has been found "in the Microsoft WinLogon Service" and could "allow a hacker to gain access to an unpatched computer." Recipients are advised to click on a link in the email to download the patch. But the link really points to a non-Microsoft Web site and initiates the download of the Troj.BeastPWS-C Trojan horse, which is capable of spying on the infected user and stealing passwords, Sophos said.

Tags: Security Industry Market Trends, Predictions and Forecasts,  Vulnerability Risk Assessment,  Email and Messaging Threats (spam, phishing, instant messaging),  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Security Industry Market Trends, Predictions and Forecasts M86 buys Web security gateway vendor Finjan Information Security Decisions 2009: Presentation downloads Bruce Schneier on outsourcing, awareness training Marcus Ranum on cyberwarfare, infosec careers McAfee survey finds faults in midmarket enterprise security Email archiving vendor sues Gartner over Magic Quadrant Information Security magazine October issue PDF Editor's Desk: Security 7 Winners Chronicle Trends That Shape The Industry Information Security magazine Security 7 Award winners Security Squad: Privacy gone awry Security Industry Market Trends, Predictions and Forecasts Research Vulnerability Risk Assessment Screencast: How to launch an OpenVAS scan Trusteer CEO criticizes Adobe, touts better patch deployments Patch management study shows IT taking significant risks Vulnerability mitigation study shows need for faster patching Microsoft to issue security report card, new tool at Black Hat Newest malware threats Are Web application penetration tests still important? PCI compliance requirement 6: Systems and applications Cybercrime and threat management McAfee to acquire Solidcore Systems for whitelisting Vulnerability Risk Assessment Research Email and Messaging Threats (spam, phishing, instant messaging) Messaging security risks have upper hand on solutions Web-based attacks skyrocket, pirating sites surge, security firms say Pushdo botnet uses Facebook to spread malicious email attachment Scareware report highlights successful business model How to prevent phishing attacks with social engineering tests Phishing protection begins with training, antiphishing evangelist Phishing attacks to remain a major problem, say security experts Barracuda acquires Purewire expanding Web security reach FBI raids phishing crime ring, nearly 100 arrested Massive phishing scheme affects Microsoft Hotmail accounts Email and Messaging Threats (spam, phishing, instant messaging) Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary backscatter body scanning  (SearchSecurity.com) marketecture  (SearchSecurity.com) NCSA  (SearchSecurity.com) Palladium  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary