The problem stemmed from a faulty antivirus "microdefinition update" distributed on June 19, according to Russ Cooper, NTBugtraq moderator and surgeon general of TruSecure. The problem was disclosed in the NTBugtraq discussion list on Monday. Symantec also found itself in hot water on Monday after customers using Symantec AntiVirus Corporate Edition reported that an automated antivirus definition update from the security company caused the antivirus software to fail. A team at the company is also investigating ways to nullify the faulty control, but could not comment on any progress in that search, Lee said. Symantec is in the process of creating a tool to help remove the ActiveX control from affected machines. The company does not know how many of those users actually scanned their system, nor does it have any way to contact users who did, he said. Symantec estimates that more than 30 million individuals visited the Symantec Security Check site since its inception, Lee said. In the meantime, the flawed ActiveX control from the Security Check service could be an attractive target for hackers. Users should be suspicious when third party Web sites ask you to download an ActiveX component signed by Symantec, according to Vincent Weafer, senior director of Symantec Security Response. In the meantime, the company is encouraging Internet users to apply so-called "best practices" when prompted to download an ActiveX control.īest practices include scrutinizing the signature of ActiveX components before agreeing to download them, Lee said. Symantec acknowledged that the new control uses the same digital signature as the flawed one and is "looking into" that issue, according to Anson Lee, product manager for Norton Internet Security at Symantec. However, security researchers monitoring the issue noted that simply updating the control still left users vulnerable to attack, especially if that control contains Symantec's digital signature.Īttackers who have a copy of the flawed ActiveX code with a valid digital signature could trick Microsoft Windows systems into accepting the control, opening that system to attack even if it did not already have the faulty component installed, according to a notice posted to Full-Disclosure by Jason Coombs, a software security expert in Kea'au, Hawaii.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |