Posted on 03/30/2005 9:50:57 AM PST by holymoly
Symantec has reported glitches in its antivirus software that could allow hackers to launch denial-of-service attacks on computers running the applications.
In a notice posted on its Web site this week, Symantec detailed two similar vulnerabilities found in its Norton AntiVirus software, which is sold on its own or bundled in Norton Internet Security and Norton System Works. The flaws, which could lead to computers crashing or slowing severely if attacked, are limited to versions of the software released for 2004 and 2005.
The Information-Technology Promotion Agency of Japan, a government-affiliated tech watchdog group, identified the first instance of the problem in the AutoProtect feature of the Norton AntiVirus consumer product, Symantec said. AutoProtect is used to scan files for viruses, Trojan attacks and worms.
The flaw essentially causes Symantec's software to crash when it is asked to inspect a file specifically designed to exploit the flaw. The file could be submitted either remotely from outside a system or internally by someone with physical access to a computer, Symantec said.
The second flaw, discovered by the Japan Computer Emergency Response team, can be used to launch denial-of-service attacks by scanning specific file modifications using the SmartScan feature in Norton AntiVirus. Symantec said that any malicious use of that vulnerability would specifically require someone with authorized access to a computer to exploit the issue. SmartScan is designed to scour for viruses hidden in file extensions, as well as in executable and document files.
No attacks related to either problem have been reported so far, according to Symantec. The company also said in its warning that both vulnerabilities are "low impact" threats to its customers.
Cupertino, Calif.-based Symantec said it has informed its customers of the problems and has issued patches to correct the flaws, including sending out an automated fix to subscribers to its Automatic LiveUpdate service. The company recommended that people who have not already applied the patches do so immediately to protect against potential attacks.
read later
I was also diddled by Symantec when I sent in a rebate form for Norton Systemworks. I meticulously and carefully fulfilled all of the rebate requirements and sent it it. After about a month, I went online to see the status. It said that my rebate could not be found. About a month later I received a post card stating that my rebate was rejected because I did not abide by the rebate rules. Nonsense.
This rebate game has become a tiresome racket. I avoid products with mail-in rebates.
SmartScan is designed to scour for viruses hidden in file extensions, as well as in executable and document files. Does anyone have a clue what this means, or is this just another Dumb Journalist Alert? |
You just never know when a virus will be lurking in between the "h" and the "t" in ".html" :^/
That's EXACTLY what they did to me.
all my Microsoft court settlement rebates were rejected.
Oh well.
Of course, when I reformatted my hard drive at home last week, and reinstalled NAV 2004 it restarted my subscription for another year....
Symantec (Norton) = BLOATWARE...
AVG is the best. I would highly recommend it over Norton or MaCafee (and I've had both.)
Some of electronics retailers such as Circuitcity and bestBuy have 2 or 3 three different rebates on a single item. Thus they can advertise a much lower price.
I let salesmen in the store know that I do like the rebate game
AVG is very good and I recommend it to students in the classes I teach. I personally prefer McAfee, but that's me. Symantic is crapware.
Me too. I really like it because it's free, simple, free, intuitive, and did I mention free?
On top of that, it works, it's free, it's reliable, quirk-free, and just plain free as well as being free.
What a pain in trying to disable NAV so I could test
other vendors' products.
Oops. I let salesmen in the store know that I do NOT like the rebate game
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.