Critical vulnerability found in multiple Norton products! Patch Available Now

A newly discovered critical vulnerability has been reported by Symantec, the makers of Norton security software products. A design error in an ActiveX control used by Norton AntiVirus could potentially be exploited by a malicious web site. A successful exploit could lead to remote code execution!

Norton has already issued an out-of-cycle patch that can be installed by running LiveUpdate manually. Norton product users who normally run manual LiveUpdate should already have this update. However, to ensure all available updates have been properly installed, run manual LiveUpdate as follows:

Open any installed Norton product from either your Start Menu > Programs, or from the Windows System Tray icon;
Click LiveUpdate;
Run LiveUpdate until all available product updates are downloaded and installed;
A system reboot may be required, depending on the existing patch level of the affected product.

The affected products include:
Norton AntiVirus 2005 and 2006
Norton Internet Security 2005 and 2006
Norton SystemWorks 2005 and 2006

Note: The Norton 2007 product line and Symantec enterprise products, including Symantec Client Security and Symantec AntiVirus Corporate Edition, are not affected by this issue.

Details of the Vulnerability
Symantec was notified by iDefense that a design error in NAVOPTS.DLL, an ActiveX control used by Norton AntiVirus, could potentially allow an attacker to crash the control if the end user visits a malicious web site. A successful exploit of NAVOPTS.DLL could then allow the attacker to access other Symantec ActiveX controls, even if they are not marked safe for scripting, possibly leading to remote arbitrary code execution in the context of the user's browser.

Symantec's enterprise products do not use NAVOPTS.DLL, and therefore they are not affected by this vulnerability.
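
To see how the control described above is registered on a given PC, the following PowerShell audit (an added example, not part of the original post or of Symantec's advisory) lists every COM class served by NAVOPTS.DLL and reports whether it carries the registry "safe for scripting" category and whether an Internet Explorer kill bit is set for it. The page gives no CLSID, so the script matches on the DLL file name; the registry paths are the standard Windows COM and Internet Explorer locations.

```powershell
# Added example: audit COM classes served by one DLL (default: NAVOPTS.DLL).
param([string]$DllName = 'NAVOPTS.DLL')

$SafeForScripting = '{7DD95801-9882-11CF-9FA9-00AA006C08C4}'  # CATID_SafeForScripting
$KillBit          = 0x400   # "Compatibility Flags" bit that stops IE loading the control

# Native and 32-bit-on-64-bit registry views, each with its IE compatibility key.
$views = @(
    @{ Clsid  = 'HKLM:\SOFTWARE\Classes\CLSID'
       Compat = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility' },
    @{ Clsid  = 'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID'
       Compat = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility' }
)

foreach ($view in $views) {
    if (-not (Test-Path $view.Clsid)) { continue }
    foreach ($key in Get-ChildItem -Path $view.Clsid -ErrorAction SilentlyContinue) {
        # The default value of InprocServer32 is the path of the DLL hosting the class.
        $sub = $key.OpenSubKey('InprocServer32')
        if (-not $sub) { continue }
        $server = [string]$sub.GetValue('')
        $sub.Close()
        $leaf = ($server.Trim('"') -split '\\')[-1]
        if ($leaf -ne $DllName) { continue }      # string -ne is case-insensitive

        # Registry-declared "safe for scripting" category, if any.
        $cat  = $key.OpenSubKey("Implemented Categories\$SafeForScripting")
        $safe = [bool]$cat
        if ($cat) { $cat.Close() }

        # Kill bit: per-CLSID "Compatibility Flags" under the IE compatibility key.
        $flags  = 0
        $clsid  = $key.PSChildName
        $compat = Join-Path $view.Compat $clsid
        if (Test-Path -LiteralPath $compat) {
            $flags = [int](Get-Item -LiteralPath $compat).GetValue('Compatibility Flags', 0)
        }

        [pscustomobject]@{
            CLSID                    = $clsid
            Server                   = $server
            SafeForScriptingCategory = $safe
            KillBitSet               = [bool]($flags -band $KillBit)
        }
    }
}
```

A control can also declare itself safe at run time through the IObjectSafety interface, which this registry check does not see, so an empty category column does not by itself prove a control is unscriptable.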

People who operate their PCs with reduced user privileges are at less risk, if any, than those running with full administrator privileges. For more information, see my articles about user account privileges:
Limited User Privileges Protect Against Malware Infections
Limited User Privileges Protect PCs From Adware, Rootkits, Spyware and Viruses
User Account Privileges Explained

