Page 1 of 1
'High' risk in Symantec antivirus software flaw
Posted: 2005-12-21 02:19pm
by theski
Thank god they are a Anti-virus company
Symantec's antivirus software contains a vulnerability that could be exploited by a malicious hacker to take control of a system, the company said late Tuesday.
According to Symantec, the bug, which affects a range of the company's security products, is a "high" risk. Denmark security company Secunia has labeled it "highly critical."
According to an advisory issued by Secunia, the bug affects most of Symantec's products, including enterprise and home user versions of Symantec AntiVirus, Symantec Norton AntiVirus and Symantec Norton Internet Security, across the Windows and Macintosh platforms.
The vulnerability is within Symantec AntiVirus Library, which provides file format support for virus analysis. "During decompression of RAR files, Symantec is vulnerable to multiple heap overflows allowing attackers complete control of the system(s) being protected," said security consultant Alex Wheeler, who first discovered the flaw. "These vulnerabilities can be exploited remotely, without user interaction, in default configurations through common protocols such as SMTP."
RAR is a native format for WinRAR, which is used to compress and decompress data. So far, the vulnerability has been reported in Dec2Rar.dll version 3.2.14.3 and, according to Wheeler, potentially affects all Symantec products that use the DLL. The full list of products affected can be seen here.
Symantec has not yet released a patch to address this problem. In the meantime, Wheeler recommends that users "disable scanning of RAR-compressed files until the vulnerable code is fixed."
This is not the first vulnerability Wheeler has discovered. In October, he highlighted a similar flaw in Kaspersky Lab's antivirus software, which was later acknowledged by the company. Again, it was a heap overflow vulnerability.
In February, he found a different heap overflow vulnerability in Symantec's antivirus software.
RISK
Posted: 2005-12-21 03:44pm
by Einhander Sn0m4n
Just in time for me to have switched to AVG a month ago... Screw you Norton!
Posted: 2005-12-21 04:50pm
by Soontir C'boath
I couldn't believe the school's techies approve Symantec as a reliable anti-virus program when we had a dorm meeting talking about requirements of what we need on our comp to be able to use the internet next semester. If this doesn't change their mind not to use Symantec then they are the worse tech support in the damn world.
Besides, who in their right minds would even use Symantec? It's a piece of garbage from the get go.
Posted: 2005-12-21 04:57pm
by Stark
Norton AV has sucked for years. Does anyone CHOOSE it, or does it just exist off the installed fanbase of mum-and-dad prepacked puters?
Posted: 2005-12-21 05:03pm
by Bounty
Stark wrote:Norton AV has sucked for years. Does anyone CHOOSE it, or does it just exist off the installed fanbase of mum-and-dad prepacked puters?
I know precisely one (1) person who bought Norton, and that was only for the free MP3 player included in the bundle.
Posted: 2005-12-21 05:16pm
by Jawawithagun
It seems to come on every system sold by the big chains.
Posted: 2005-12-21 05:34pm
by Chardok
Einhander Sn0m4n wrote:Just in time for me to have switched to AVG a month ago... Screw you Norton!
Hah. sounds like you and I switched at exactly the same time. I went to AVG and deleted Norton within 30 minutes of each other, and I will never look back. WOO HOO! Safety through obscurity!
Posted: 2005-12-21 06:12pm
by Faram
Muhaha, more work for me!
I just have to maile the allert to some customers and I am in the clear!
Either they pay me to upgrade their old crummy norton installations or they will not.
In that case I can tell them to fuck off if they get into ANY troubble and blame Norton, when that is done I fix the problem for *4 as much.
Sadly I cannot do this with Microsoft updates, I path their system 1/month but this is a bonus
And no I did not install norton to begin with, I "inherited" the existing systems.
Posted: 2005-12-21 06:27pm
by Stark
Amusingly, this is how I encounter Norton AV myself: it fucking up, or being unusable, or whatever and the user paying me to use something else. Hilarious.
Posted: 2005-12-21 07:15pm
by dacis2
Uhm... what's AVG?
Posted: 2005-12-21 08:30pm
by Jawawithagun
AVG Anti-Virus
Good enough that I even shelled out money for it.