
	Home > Security News > Symantec plugs dangerous flaw in Norton security software

Security News:

EMAIL THIS

Symantec plugs dangerous flaw in Norton security software

By Bill Brenner, Senior News Writer
17 May 2007 | SearchSecurity.com

Security Wire Daily News

Digg This! StumbleUpon Del.icio.us

Symantec Corp. has patched a flawed ActiveX control in its Norton security products that attackers could exploit to run malware on targeted machines.

An ActiveX control used by Norton Personal Firewall 2004 and Norton Internet Security 2004 contains a buffer overflow vulnerability, Cupertino, Calif.-based Symantec said in an advisory. Norton Internet Security is a software package for Microsoft Windows systems that includes antivirus, firewall, spam and content filtering, intrusion detection and privacy protection.

Symantec news:

Symantec fixes flaws in Norton, pcAnywhere: Attackers could exploit flaws in Symantec's Norton AntiVirus and pcAnywhere to launch malicious code or compromise a user's session credentials.

Symantec unveils 'universal ID system': Symantec said the goal is to create a universally accepted identity system across all Web sites -- from online financial institutions to retailers -- for millions of consumers.

Symantec chief: Consumer confidence in data protection is key to online growth: In his keynote at RSA Conference 2007, Symantec CEO John W. Thompson said Big Yellow is ready for the shifting dynamics in the information security market, and implied that Microsoft's growing presence in security is a conflict of interest for its customers.

"The error occurs in the Get() and Set() functions used by ISAlertDataCOM, which is part of ISLALERT.DLL," the vendor said. "A successful exploit of this vulnerability could potentially allow the remote execution of code on a vulnerable system, with the rights of the logged-in user."

To successfully exploit the flaw, Symantec said an attacker would need to trick the user into viewing a specially crafted HTML document.

"This type of attack is often achieved by sending email containing a link to the malicious site, and persuading the recipient to click on the link," the company noted. "Symantec is not aware of any customers impacted by this issue, or of any attempts to exploit the issue."

Symantec product engineers confirmed that the issue affects Norton Personal Firewall and Norton Internet Security 2004 only. Product updates to correct the problem are available through LiveUpdate.

Danish vulnerability clearinghouse Secunia conducted its own test of the flaw and deemed it "highly critical."

A researcher from the United States Computer Emergency Readiness Team (US-CERT) first discovered the flaw and reported it to Symantec.

Tags: Malware, Viruses, Trojans and Spyware, Security Patch Management, Application Attacks (Buffer Overflows, Cross-Site Scripting), VIEW ALL TAGS

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Malware, Viruses, Trojans and Spyware
	New Zeus spam poses as Social Security statements
	Increase in Gumblar backdoors poses FTP credential problems
	Hackers to sharpen malware, malicious software in 2010
	iPhone worm Rickrolls jailbroken phones
	Israeli Mossad add Trojan Horse to Syrian laptop
	Schneier-Ranum Face-Off: Is antivirus dead?
	Modern malware, stealthy botnets, adapt quickly, expert says
	Computer worm infections up, scareware antivirus down, Microsoft says
	Web-based attacks skyrocket, pirating sites surge, security firms say
	Mini guide: How to remove and prevent Trojans, malware and spyware

Security Patch Management

What patch management metrics does Project Quant use?

Squad: Tokenization, Phishing and the Feds

Should management processes change based on a patch release schedule?

Should Windows Mobile updates come from Microsoft?

Adobe updates ColdFusion, JRun, Flex

Trusteer CEO criticizes Adobe, touts better patch deployments

Patch management study shows IT taking significant risks

Vulnerability mitigation study shows need for faster patching

Microsoft to issue security report card, new tool at Black Hat

How to manage patches for Adobe

Application Attacks (Buffer Overflows, Cross-Site Scripting)

Quiz: How to build secure applications

Black box and white box testing: Which is best?

Adobe warns of critical update for Reader, Acrobat 9.1.3

9 Ways to Improve Application Security After an Incident

Developers Need Help with Security Errors

Buffer overflow tutorial: How to find vulnerabilities, prevent attacks

SQL injection protection: A guide on how to prevent and stop attacks

Experts rebuke programmers who use SQL injection as feature

SANS: Application threats, website flaws pose biggest security threats

Mozilla helps Adobe push out faster patches

Application Attacks (Buffer Overflows, Cross-Site Scripting) Research

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

bot worm (SearchSecurity.com)

directory traversal (SearchSecurity.com)

government Trojan (SearchSecurity.com)

Kraken (SearchSecurity.com)

man in the browser (SearchSecurity.com)

polymorphic malware (SearchSecurity.com)

RAT (remote access Trojan) (SearchSecurity.com)

RavMonE virus (SearchSecurity.com)

RFID virus (SearchSecurity.com)

Rock Phish (SearchSecurity.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

More Tips to Secure Your Network

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy