Skip to comments.Symantec (Norton) details flaws in its antivirus software
Posted on 03/30/2005 9:50:57 AM PST by holymoly
Symantec has reported glitches in its antivirus software that could allow hackers to launch denial-of-service attacks on computers running the applications.
In a notice posted on its Web site this week, Symantec detailed two similar vulnerabilities found in its Norton AntiVirus software, which is sold on its own or bundled in Norton Internet Security and Norton System Works. The flaws, which could lead to computers crashing or slowing severely if attacked, are limited to versions of the software released for 2004 and 2005.
The Information-Technology Promotion Agency of Japan, a government-affiliated tech watchdog group, identified the first instance of the problem in the AutoProtect feature of the Norton AntiVirus consumer product, Symantec said. AutoProtect is used to scan files for viruses, Trojan attacks and worms.
The flaw essentially causes Symantec's software to crash when it is asked to inspect a file specifically designed to exploit the flaw. The file could be submitted either remotely from outside a system or internally by someone with physical access to a computer, Symantec said.
The second flaw, discovered by the Japan Computer Emergency Response team, can be used to launch denial-of-service attacks by scanning specific file modifications using the SmartScan feature in Norton AntiVirus. Symantec said that any malicious use of that vulnerability would specifically require someone with authorized access to a computer to exploit the issue. SmartScan is designed to scour for viruses hidden in file extensions, as well as in executable and document files.
No attacks related to either problem have been reported so far, according to Symantec. The company also said in its warning that both vulnerabilities are "low impact" threats to its customers.
Cupertino, Calif.-based Symantec said it has informed its customers of the problems and has issued patches to correct the flaws, including sending out an automated fix to subscribers to its Automatic LiveUpdate service. The company recommended that people who have not already applied the patches do so immediately to protect against potential attacks.
|Free Anti-Virus Software:
On-demand virus checker. Detects, doesn't clean. Huge virus database (excellent back-up scanner).
AntiVir® Personal Edition
The MS-DOS version is free
On-demand scanner. Detects & cleans a small number of virii/trojans (around 50). Fits on a 3.5" floppy.
When I tired of Norton's glitches I changed to AVG and have never been happier. It's completely automatic and updates virtually every day.
I too have switched from Norton to AVG. Glad I did. I've never had a virus infect me while I had AVG installed. I can not say the same thing about Norton.
I gave up on all Symantec Norton products years ago because they are such resource hogs. I switched to Trend Micro's PC-Cillin and couldn't be happier. It updates its virus definitions every hour, quietly in the background.
I switched over to AVG three years ago and have been virus free and trouble free . . . and there's a whole lot more money in my pocket for not buying back into Norton, too.
Three cheers for AVG!
Avast is also free and I've found it better than AVG.
I think when my subscription runs out on Norton, I'll try the other scanners too and see how they do. Bookmark Bump!
As I recall, while free, Avast requires "registration", and this regsitration must be renewed every 12 months.
IMO If it's free, it should jus that - free. No strings attached.
There ARE better AV programs out there, like Kaspersky, but Avast is doing alright. I used Norton for many years, stopped last year when I got a few viruses.
Just in case, I'll occasionally run a couple of online scanners. They have caught a few things for me (Trend Micro and Panda).
I use F-Prot, which is a yearly subscription with free updates. I've been very satisfied with it.
Just watch... to fix these flaws, that will require the user to pay for the update...
I should have added... eventually... ;)
1. Screwed me out of about 9 months of updates for which I paid.
2. Screwed me out of a mail-in rebate.
3. Gave me no end of trouble with a certain email-borne virus. For some reason, they could not detect it until the email that carried it was added to the inbox file. Once that happened, they locked up the whole file and couldn't fix it, so all I could do was delete the file. Then my entire inbox was gone. Their support people were unable or unwilling to do anything about it.
Better, how so? Serious question.
It picked up more viruses after I ran it following the use of AVG. Unless these were false positives, I'd call that better.