Symantec closes holes in AntiVirus and Altiris
In a security advisory, Symantec warns of an unspecified problem when scanning emails which can cause the scan to take too long and trigger a time-out. According to the vendor, however, this can only occur if the "Internet Email Scanning" feature is enabled.
Primarily affected are Symantec's AntiVirus Corporate Edition and Client Security. Of the Norton products, only the 2008 and earlier versions are vulnerable; Norton 360 and Norton 2009 are unaffected. The vulnerable Norton products will probably have already received an automatic update via LiveUpdate.
Symantec also reports that several vulnerabilities have been fixed in the Altiris Software Deployment System, as versions 6.9.x of the product are affected by multiple security problems. The most critical of them allows intruders to bypass authentication when accessing the Altiris database.
See also:
- Norton AntiVirus and Symantec Client, security advisory by Symantec
- Symantec Altiris Deployment Solution, security advisory by Symantec
(djwm)