[ISN] Symantec's Anti-Virus Vulnerable To Crashes
isn at c4i.org
Wed Mar 30 01:35:32 EST 2005
[Symantec users better patch quickly!
or maybe not...
http://www.itnews.com.au/newsstory.aspx?CIaNCID=35&CIaNID=18367 - WK]
By TechWeb News
March 29, 2005
Symantec's Norton AntiVirus line has a pair of vulnerabilities that
hackers could exploit to crash or hang a targeted PC, Symantec
The Cupertino, Calif.-based security company's consumer AntiVirus 2004
and AntiVirus 2005 series are at risk, said Symantec, as well as the
Internet Security and SystemWorks lines, which bundle AntiVirus with
other security or PC maintenance tools.
Errors can be forced, said Symantec, by attackers feeding specific
file types to a machine protected by AntiVirus' Auto-Protect module,
or by renaming a file on a network share that's then scanned by
Auto-Protect. (Auto-Protect is Symantec's name for the real-time
scanner that sniffs through files as they're opened or downloaded.)
The errors can cause the PC to either slow down to the point of being
unusable, then crash, or hang, forcing its user to reboot.
Symantec has issued patches for the vulnerabilities and has already
fed them to AntiVirus users who have Automatic LiveUpdate enabled.
Others should run LiveUpdate immediately from within their copies of
Symantec posted a security alert on its Web site  with more
More information about the ISN