Jeff Posted December 24, 2005 Share Posted December 24, 2005 Critical Symantec bug hits 40 products The security bug that RoARed By John Leyden Published Thursday 22nd December 2005 12:24 GMT A flaw affecting many Symantec security products - both consumer and enterprise - has been discovered. Users of Symantec's Norton Internet Security 2005, Norton AntiVirus 2005, Norton Antivirus for Macs, corporate anti-virus apps and Brightmail anti-spam software (among others) all need to apply patches following the discovery of the "critical" security bug. In all 40 packages are affected. The vulnerability stems from a flaw in an library component (called Dec2Rar.dll) involving the processing of RAR archives. This vulnerability can be exploited as a means to inject hostile code onto vulnerable systems when a malicious RAR file is scanned. The flaw affects Dec2Rar.dll version 3.2.14.3 and potentially hits all Symantec products that use the library file, hence the large number of affected packages. Click Here Users are advised to update their software, as explained in Symantec's advisory here. The glitch was discovered by security researcher Alex Wheeler, who's discovered many similar patches in anti-virus packages over recent months, most of which involve the processing of various types of archive file. Quote Link to comment Share on other sites More sharing options...
Guest Yat4 Posted December 24, 2005 Share Posted December 24, 2005 Glad I switched over to Avast! Thanks for the tip again. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.