Critical vulnerability found in multiple Norton products! Patch Available Now
A newly discovered critical vulnerability has been reported by Symantec, the makers of Norton security software products. A design error in an ActiveX control used by Norton AntiVirus could potentially be exploited by a malicious web site. A successful exploit could lead to remote code execution!
Norton has already issued an out-of-cycle patch that can be installed by running Live Update manually. Norton product users who normally run manual LiveUpdate should already have this update. However, to ensure all available updates have been properly installed, run manual LiveUpdate as follows:
Open any installed Norton product from either your Start Menu > Programs, or from the Windows System Tray icon;
Click LiveUpdate;
Run LiveUpdate until all available product updates are downloaded and installed;
A system reboot may be required, depending on the existing patch level of the affected product
The affected products include:
Norton AntiVirus 2005 and 2006
Norton Internet Security 2005 and 2006
Norton System Works 2005 and 2006
Note: The Norton 2007 product line and Symantec enterprise products, including Symantec Client Security and Symantec AntiVirus Corporate Edition are not affected by this issue.
Details of the Vulnerability
Symantec was notified by iDefense that a design error in NAVOPTS.DLL, an ActiveX control used by Norton AntiVirus, could potentially allow an attacker to crash the control if the end user visits a malicious web site. A successful exploit of NAVOPTS.DLL could then allow the attacker to access other Symantec ActiveX controls, even if they are not marked safe for scripting, possibly leading to remote arbitrary code execution in the context of the user's browser.
Symantec's enterprise products do not use NAVOPTS.DLL, and therefore they are not affected by this vulnerability.
People who operate their PCs with reduced user privileges are less at risk, if at all, than those running with full administrator privileges. For more information about this see my articles about user account privileges:
Limited User Privileges Protect Against Malware Infections
Limited User Privileges Protect PCs From Adware, Rootkits, Spyware and Viruses
User Account Privileges Explained
Trend Micro Internet Security products, for home and office users, use in-the-cloud malware definitions that are updated every day, all day, as soon as new or altered strains of viruses and other malware are detected in the wild and analyzed. By offloading the bulk of these ever changing virus definitions to cloud servers, the load on your computers is greatly reduced. All users of Trend security programs are instantly protected from hostile web pages laden with malware exploits and hostile email, by the Trend Micro Smart Protection Network.
This weblog is licensed under a Creative Commons License.The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.
