When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Symantec patches critical Norton flaw

A bug in the way Norton AntiVirus software uses the ActiveX programming language could cause serious problems for users of Symantec's products. On Thursday, Symantec patched the flaw warning that a bug in two ActiveX controls used by Symantec's client software could allow an attacker to run unauthorized software on a victim's computer. Security vendor Secunia ApS rates the problem as "highly critical."

The flaw is an "input validation" error, meaning that Norton doesn't properly check the data it's receiving to ensure that it can't be mistaken for malicious commands. The bug affects users of the 2006 versions of Norton AntiVirus, Norton Internet Security, and Norton System Works. Norton Internet Security 2006, Anti Spyware Edition is also affected.

View: The full story
News source: InfoWorld

Report a problem with article
Next Article

Microsoft Plans Nine Security Updates for Next Week

Previous Article

Digital photo frames becoming more functional

Join the conversation!

Login or Sign Up to read and post a comment.

4 Comments - Add comment