Symantec AntiVirus Vulnerability

Written by Brett Thomas

December 21, 2005 | 11:22

Tags: #antivirus #critical #norton #overflow #winrar

Companies: #symantec

This just in from InformationWeek:

Symantec's line of anti-virus software is vulnerable to attack, a prominent security researcher revealed Tuesday. The bug is currently unpatched, although Symantec has issued an advisory.

The vulnerability, which was discovered and reported by Alex Wheeler, is in how Symantec's AntiVirus Library, part of all the Cupertino, Calif.-based security giant's anti-virus products, handles RAR compressed files. RAR files are created by the WinRAR compression utility, developed and sold by RarLabs.

The bug, labelled as "Highly critical" by Danish vulnerability tracker Secunia and "High" by Symantec itself, can cause a heap overflow, which then may let an attacker execute additional code. Bottom-line: the bug could result in a completely compromised machine.

Despite the irony of Symantec's program being a compromising liability on your computer, I'll refrain from much joking. If you're using the software, just a helpful reminder to temporarily disable it until patched and instead pick up one of the other virus scanners on a trial basis.

For those who would like to discuss the issue (or chuckle at how the software to keep your computer free from viruses actually enables you to get viruses), feel free to slip past our firewalls and leave a post in our forums.
Discuss this in the forums
YouTube logo
MSI MPG Velox 100R Chassis Review

October 14 2021 | 15:04