Norton AntiVirus Software Could Make Your PC Less Secure
In a story of worrying irony, it has come to light that the libraries of anti-virus products from Symantec, such as Symantec AntiVirus, Symantec Norton AntiVirus and Symantec Norton Internet Security, could be used to gain control of an infected machine.
According to Symantec the bug, which affects a range of the company’s products, is a “high” risk, while the Danish security specialists Secunia have labelled it as “highly critical”. The vulnerability can be found in the mechanism used by Symantec’s AntiVirus Library to handle RAR compressed files. It could cause a heap overflow, which then may let an attacker execute additional code giving them control of the PC.
Symantec has not yet released an update for this vulnerability, and recommends that people disable automatic scanning of RAR files.
Add comment December 22nd, 2005