Symantec users warned of vulnerabilities.
Users of
Symantec
‘s popular
Norton AntiVirus
and
Norton Internet Security
products are being urged to ensure they are running the latest versions, after vulnerabilities found in ActiveX controls used by the products were patched to secure possible remote access points.
The flaws, discovered by researchers at
Secunia
and described by them as ‘Highly Critical’, affect 2006 versions of the
Norton
range, including
SystemWorks
, as well as the 2005 version of
Norton Internet Security, Anti Spyware Edition
. 2007 versions are not thought to be affected.
Two ActiveX controls were found to fail to properly validate input, which could allow maliciously crafted data to bypass security and execute code remotely. Most users should be protected by automatic updates, but are as usual urged to ensure the latest patches have been applied. More detail can be found in
Secunia
‘s alert
here
, or from
Symantec
themselves
here
.
Posted on 10 August 2007 by
Virus Bulletin
Leave a Reply