[ISN] Symantec's Anti-Virus Vulnerable To Crashes

InfoSec News isn at c4i.org
Wed Mar 30 01:35:32 EST 2005


http://www.techweb.com/wire/security/159907804

[Symantec users better patch quickly! 
http://news.com.com/Mytob+e-mail+worm+proliferating+quickly/2100-7349_3-5644978.html
or maybe not... 
http://www.itnews.com.au/newsstory.aspx?CIaNCID=35&CIaNID=18367  - WK]


By TechWeb News 
March 29, 2005

Symantec's Norton AntiVirus line has a pair of vulnerabilities that 
hackers could exploit to crash or hang a targeted PC, Symantec 
announced Monday. 

The Cupertino, Calif.-based security company's consumer AntiVirus 2004 
and AntiVirus 2005 series are at risk, said Symantec, as well as the 
Internet Security and SystemWorks lines, which bundle AntiVirus with 
other security or PC maintenance tools. 

Errors can be forced, said Symantec, by attackers feeding specific 
file types to a machine protected by AntiVirus' Auto-Protect module, 
or by renaming a file on a network share that's then scanned by 
Auto-Protect. (Auto-Protect is Symantec's name for the real-time 
scanner that sniffs through files as they're opened or downloaded.) 

The errors can cause the PC to either slow down to the point of being 
unusable, then crash, or hang, forcing its user to reboot. 

Symantec has issued patches for the vulnerabilities and has already 
fed them to AntiVirus users who have Automatic LiveUpdate enabled. 
Others should run LiveUpdate immediately from within their copies of 
Norton AntiVirus. 

Symantec posted a security alert on its Web site [1] with more 
details. 

[1] http://securityresponse.symantec.com/avcenter/security/Content/2005.03.28.html





More information about the ISN mailing list