Thursday, February 10, 2005
Vulnerability in Symantec antivirus
Normally I dont like to post these vulnerability/security announcements because these days they are just too damn many of them. But as this has to do with the Symantec antivirus itself, I am posting it onto my blog.
There was an issue in the Symantec antivirus that allowed a virus to execute while scanning it. The problem exists in how the scanning code handles a compression format known as the Ultimate Packer for Executables (UPX). An attacker could create a virus designed to exploit the UPX flaw and send it to victims through e-mail or host it on a Web site. They claim to have fixed it already (but I couldnt find a download link on their site). If you do run an Symantec (Norton) antivirus, do the wise thing and upate your copy immediately.
There was an issue in the Symantec antivirus that allowed a virus to execute while scanning it. The problem exists in how the scanning code handles a compression format known as the Ultimate Packer for Executables (UPX). An attacker could create a virus designed to exploit the UPX flaw and send it to victims through e-mail or host it on a Web site. They claim to have fixed it already (but I couldnt find a download link on their site). If you do run an Symantec (Norton) antivirus, do the wise thing and upate your copy immediately.
Copyright Anand Jain 2004, 2005. All rights
reserved.
Webmaster
