Serious flaw in Symantec Antivirus Library

By Spike
Dec 22, 2005
Topic Status:
Not open for further replies.
  1. http://www.eweek.com/article2/0,1895,1903971,00.asp...

    ...Basically, it seems that this article is saying that by sending you an email with a specially created RAR attachment, they would be able to comprimise and gain complete control of a computer with default settings without the user even opening the attachement - or even if the user chooses not to even read the email!

    Bad. Very bad.

    Crossposted by myself from News and Interesting links
  2. Tedster

    Tedster Techspot old timer..... Posts: 10,074   +13

    Norton has already patched this flaw a while ago.
  3. Spike

    Spike Newcomer, in training Topic Starter Posts: 2,371

    Apologies if that is the case, but the article presents the impression that this is a new rar file related bug.

    edit - according the the inquirer, symantec have not released a patch for this one yet... http://www.theinquirer.net/?article=28496
  4. jobeard

    jobeard TS Ambassador Posts: 13,351   +301

    it's primarily an Enterprise Edition issue
  5. Tedster

    Tedster Techspot old timer..... Posts: 10,074   +13

    hmmm..... looks like this is a second a newer flaw.... keep us posted....
  6. Spike

    Spike Newcomer, in training Topic Starter Posts: 2,371

    Here's the symantec advisory - it mentions no patch just as yet, but symantec have produced an antivirus definition update to try to detect exploits of this vulnerability, and so an update of your definitions is advised if you havn't done so already (or better still, if you're using the consumer/home products, ditch them completely and get something else lol)...

    http://securityresponse.symantec.com/avcenter/security/Content/2005.12.21b.html

    It does however contain a complete list of affected and disaffected products, and advice on how to stay protected untill a patch is released. Symantec state that they no reports of exploits of this vulnerability at this time have been made to them.

    Should you wish to search symantec for news on this vulnerability (none as yet), its reference is SYM05-027.

    While symantec has more enterprise products affected by this vulnerability, I suspect this is largely due to symantec having more enterprise products overall. The consumer products affected for Windows machines are...

    Norton AntiVirus - 2004, 2005, 2006
    Norton Internet Security Professional - 2004, 2005, 2006
    Norton SystemWorks - 2004, 2005, 2006
    Norton Personal Firewall - 2004, 2005, 2006
    Symantec AntiVirus for Handhelds (?*) - All

    * I don't acctually know if this product is used with windows or not.

    Clearly then, this is far more than primarily an enterprise issue.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.