In association with heise online

04 April 2008, 11:03

Symantec closes hole in consumer products

Symantec has issued a security update for its consumer products to close two critical holes in an ActiveX control (SYMADATA.DLL). Security services provider iDefense reports that a buffer overflow in the AutoFix tool, intended for remote support, enables malicious code to be injected and executed in the context of the user's browser. All it needs is a visit to a crafted Web site.

Symantec has taken some security precautions in the control in order to prevent this attack: the control only runs on pages in the symantec.com domain. A successful attack would also have to exploit a cross-site scripting hole, or manipulate the client PC's name resolution – both iDefense and Symantec classify the problem as non-critical. A second hole enables the downloading of code from a remote share.

Norton 360 1.0, Norton AntiVirus Windows 2006 - 2008, Norton Internet Security 2006 - 2008 and Norton SystemWorks 2006 - 2008 are affected. A corrected version of the control is available for download. The control is also updated at the start of a Symantec Technical Support session.

A similar but more critical ActiveX vulnerability in the Norton 2006 product range, also affecting remote support, was patched in February 2007. In that case unauthorised sites were able to run the control.

(mba)

Permalink: http://h-online.com/-734789