News Stay informed about the latest enterprise technology news and product updates.

Symantec plugs dangerous flaw in Norton security software

Attackers could exploit a flawed ActiveX control in Symantec Norton Internet Security and Norton Personal Firewall to run malware on targeted machines.

Symantec Corp. has patched a flawed ActiveX control in its Norton security products that attackers could exploit to run malware on targeted machines.

An ActiveX control used by Norton Personal Firewall 2004 and Norton Internet Security 2004 contains a buffer overflow vulnerability, Cupertino, Calif.-based Symantec said in an advisory. Norton Internet Security is a software package for Microsoft Windows systems that includes antivirus, firewall, spam and content filtering, intrusion detection and privacy protection.

Symantec news:
Symantec fixes flaws in Norton, pcAnywhere: Attackers could exploit flaws in Symantec's Norton AntiVirus and pcAnywhere to launch malicious code or compromise a user's session credentials.

Symantec unveils 'universal ID system': Symantec said the goal is to create a universally accepted identity system across all Web sites -- from online financial institutions to retailers -- for millions of consumers.

Symantec chief: Consumer confidence in data protection is key to online growth: In his keynote at RSA Conference 2007, Symantec CEO John W. Thompson said Big Yellow is ready for the shifting dynamics in the information security market, and implied that Microsoft's growing presence in security is a conflict of interest for its customers.

"The error occurs in the Get() and Set() functions used by ISAlertDataCOM, which is part of ISLALERT.DLL," the vendor said. "A successful exploit of this vulnerability could potentially allow the remote execution of code on a vulnerable system, with the rights of the logged-in user."

To successfully exploit the flaw, Symantec said an attacker would need to trick the user into viewing a specially crafted HTML document.

"This type of attack is often achieved by sending email containing a link to the malicious site, and persuading the recipient to click on the link," the company noted. "Symantec is not aware of any customers impacted by this issue, or of any attempts to exploit the issue."

Symantec product engineers confirmed that the issue affects Norton Personal Firewall and Norton Internet Security 2004 only. Product updates to correct the problem are available through LiveUpdate.

Danish vulnerability clearinghouse Secunia conducted its own test of the flaw and deemed it "highly critical."

A researcher from the United States Computer Emergency Readiness Team (US-CERT) first discovered the flaw and reported it to Symantec.

Dig Deeper on Malware, virus, Trojan and spyware protection and removal

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.