Posted by Virus Bulletin on Aug 10, 2007
Symantec users warned of vulnerabilities.
Users of Symantec's popular Norton AntiVirus and Norton Internet Security products are being urged to ensure they are running the latest versions, after vulnerabilities found in ActiveX controls used by the products were patched to secure possible remote access points.
The flaws, discovered by researchers at Secunia and described by them as 'Highly Critical', affect 2006 versions of the Norton range, including SystemWorks, as well as the 2005 version of Norton Internet Security, Anti Spyware Edition. 2007 versions are not thought to be affected.
Two ActiveX controls were found to fail to properly validate input, which could allow maliciously crafted data to bypass security and execute code remotely. Most users should be protected by automatic updates, but are as usual urged to ensure the latest patches have been applied. More detail can be found in Secunia's alert here, or from Symantec themselves here.
Posted on 10 August 2007 by Virus Bulletin
