Security Bytes: Symantec fixes software flaw

By SearchSecurity.com Staff 31 May 2006 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

Symantec fixes latest flaws
Cupertino, Calif.-based antivirus giant Symantec Corp. has remedied a stack overflow vulnerability in its Client Security and AntiVirus Corporate Edition products. The flaw, first reported last week by Aliso Viejo, Calif.-based eEye Digital Security Inc., could allow attackers to cause a system crash or launch malicious code with system-level rights. Symantec said in an advisory that it's not aware of any exploits against the flaw, which affects Symantec Client Security 3.0 and 3.1 and Symantec Antivirus Corporate Edition 10.0 and 10.1. Symantec said its Norton security suite is not affected.

Microsoft prepares to roll out OneCare
Thursday will mark a milestone for Microsoft's push into the antivirus market. That's when the software giant will start selling its long-awaited Windows Live OneCare product, which rolls antivirus, antispyware and firewall capabilities into one tool. OneCare also includes tune-up tools and other backup features for Windows PCs. In the U.S., Microsoft will begin selling it in stores and online Thursday, and it will expand to international markets during the next year. The product will cost $49.95 a year for use on up to three PCs per home. Many retailers will offer rebates and other discount promotions, Microsoft said in a statement. "We believe we're creating a new category," Dennis Bonsall, director of product management for OneCare, told CNET News.com. "It is not about security anymore, but it is about holistic PC care."

McAfee hopes Falcon will fly past Microsoft, Symantec
Meanwhile, Santa Clara, Calif.-based McAfee Inc. isn't about to let Microsoft have the security spotlight to itself. As the software giant prepares to debut its OneCare product Thursday, McAfee is announcing the release of Falcon, software that integrates features in its current product line with an overhauled management interface. The vendor said in a statement that Falcon will defend desktops against spyware, viruses, spam, phishing and rootkits, among other things. The product will also be equipped with tools to prevent data loss, optimize PC performance and secure wireless networks. McAfee plans to release Falcon this summer.

Email poses as Microsoft security notice
UK-based antivirus firm Sophos plc said a new spam campaign is using email disguised as a Microsoft security update to trap users into installing a keylogger. The emails have the subject line "Microsoft WinLogon Service - Vulnerability Issue" and claim to come from patch@microsoft.com. The email claims a vulnerability has been found "in the Microsoft WinLogon Service" and could "allow a hacker to gain access to an unpatched computer." Recipients are advised to click on a link in the email to download the patch. But the link really points to a non-Microsoft Web site and initiates the download of the Troj.BeastPWS-C Trojan horse, which is capable of spying on the infected user and stealing passwords, Sophos said.

Tags: Security Industry Market Trends, Predictions and Forecasts,  Vulnerability Risk Assessment,  Email and Messaging Threats (spam, phishing, instant messaging),  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Security Industry Market Trends, Predictions and Forecasts Cybersecurity czar candidate questions clout of new position Gartner sees better days ahead for security budgets Sophos CEO on Symantec, McAfee after Utimaco acquisition WH cybersecurity plan needs private sector guidance Obama announces creation of cybersecurity coordinator position Security budgets take hit in media, tech industry, survey finds Cybersecurity Act of 2009: Power grab, or necessary step? Opinion: Gartner gets NAC wrong, again Cloud computing security group releases report outlining trouble areas White House cybersecurity advisor calls for public-private cooperation Security Industry Market Trends, Predictions and Forecasts Research Vulnerability Risk Assessment Are Web application penetration tests still important? McAfee to acquire Solidcore Systems for whitelisting The Pipe Dream of No More Free Bugs Vulnerability test methods for application security assessments Free HP SWFScan tool detects Adobe Flash flaws PCI QSA assurance program penalizes assessors Information security book excerpts and reviews New York drafts language demanding secure code Security experts identify 25 dangerous coding errors Microsoft Windows XML flaw exploits test desktop antimalware Vulnerability Risk Assessment Research Email and Messaging Threats (spam, phishing, instant messaging) How to prevent brute force webmail attacks Unified communications: Securing a converged infrastructure Chained Exploits: How to prevent phishing attacks from corporate spies 3FN.net ISP shutdown interrupts spam campaigns Swine flu outbreak results in spam pandemic What does 'invoked by uid 78' mean? Economy fuels malware, spam Internet Explorer 8 includes a bevy of security features Adobe JBIG2 exploits being spammed, IBM warns Fierce competition prompted new Cisco email security options Email and Messaging Threats (spam, phishing, instant messaging) Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary backscatter body scanning  (SearchSecurity.com) marketecture  (SearchSecurity.com) NCSA  (SearchSecurity.com) Palladium  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary