Jump to content

Norton Users


Jeff
 Share

Recommended Posts

Critical Symantec bug hits 40 products

The security bug that RoARed

By John Leyden

Published Thursday 22nd December 2005 12:24 GMT

 

A flaw affecting many Symantec security products - both consumer and enterprise - has been discovered. Users of Symantec's Norton Internet Security 2005, Norton AntiVirus 2005, Norton Antivirus for Macs, corporate anti-virus apps and Brightmail anti-spam software (among others) all need to apply patches following the discovery of the "critical" security bug. In all 40 packages are affected.

 

The vulnerability stems from a flaw in an library component (called Dec2Rar.dll) involving the processing of RAR archives. This vulnerability can be exploited as a means to inject hostile code onto vulnerable systems when a malicious RAR file is scanned. The flaw affects Dec2Rar.dll version 3.2.14.3 and potentially hits all Symantec products that use the library file, hence the large number of affected packages.

Click Here

 

Users are advised to update their software, as explained in Symantec's advisory here. The glitch was discovered by security researcher Alex Wheeler, who's discovered many similar patches in anti-virus packages over recent months, most of which involve the processing of various types of archive file.

large.greyhound_signature.gif

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...