Symantec closes critical hole in AppStream
Symantec has closed a critical hole in its AppStream software management platform that allows attackers to gain control of AppStream clients using specially crafted web pages. The problem is caused by unsafe methods (for example installAppMg) in LaunchObj (launcher.dll), an ActiveX control marked "safe for scripting". Attackers can use a forged server to inject and execute arbitrary code on a Windows client.
All AppStream clients up to version 5.2.2 SP3 MP1 are affected. The flawed control was fixed in this version. Symantec recommends that users download and install the update. As a workaround, the US-CERT suggests setting the kill bit for this control. So far, Symantec has found no evidence indicating that the hole has been exploited.
See also:
- Symantec AppStream LaunchObj ActiveX control vulnerable to arbitrary code download and execution, US-CERT report
- Symantec AppStream ActiveX Unauthorized Access, Symantec report
(trk)