Symantec hit by large-scale flaw
by John E Dunn, Techworld.com
Most of security company’s products affected - patches available
Symantec has issued patches to fix a “high impact” security hole that affects almost every product it currently sells.
According to security rival ISS, which unearthed the vulnerability, the problem lies with the DEC2EXE module in the Symantec Anti-Virus Library, a part of the virus detection engine that makes it possible to detect malware inside .exe files compressed using the freeware UPX (Ultimate Packer for eXecuteables) format.
The vulnerable module fails to properly check within files when looking for viruses, a flaw that could allow an attacker to cause a software “heap overflow” using a specially crafted UPX file. ISS stated that this could, in turn, give an attacker unauthorised access to a network or its client PCs, as well as confidential information.
The company has posted an extensive list of affected products on its website, which includes its most popular programs for Windows, Mac, Linux and AS400 platforms, and even antispam software from Brightmail, a company acquired last year. Those versions not affected are mainly older, non-current versions of products or those updated most recently.
In an attempt to calm anxiety that a serious problem could affect almost its whole product line, Symantec emphasised that it had started removing the DEC2EXE module from its software before the issue came to light.
“Prior to ISS contacting Symantec with this vulnerability, Symantec had already removed the DEC2EXE engine from the scan engine upgrades implemented in the majority of Symantec products. Also, Symantec had planned the DEC2EXE engine removal from all affected Symantec product versions during upcoming maintenance updates,” it stated on the company website.
Quote from PC Magazine:-
With their top-notch antivirus and personal firewalls, both Norton Internet Security and ZoneAlarm Security Suite are excellent options. But now, for the first time, ZoneAlarm stands alone as our Editors’ Choice.
I was impressed to get some performance back from my PC by transferring to ZoneAlarm Security Suite. There is a FREE lite version for home use too.
Saw thread regarding zone alarm after I had posted this. Mods please feel free to add comments to zone alarm thread. Also noted that another poster had highlighted this issue (Hollywood) apologies to said poster… I did not intend to walk on anyone here.
This thread appeared to me at just the right time. I was dreading the annual subscription for Symantec coming up because I remembered that last year it took ages to get through all the stages.
Anyway, up it came a week or so ago, and I set off on the marathon.
One hour later I thought I had completed the whole thing and then it said because I had paid with Mastercard there was a further security process to go through with them. So, I filled in all that was required of me there,and then noticed that they were quoting a transaction price double what it should have been.
That was the final straw and I just refused to confirm and cut the connection.
Later I had an email from Symantec saying I had successfully renewed my subscription. OK I thought, then the next day all the reminders started again.
In fury I e-mailed them saying if I wasn’t renewed, forget it I will search elsewhere but if they still took my money I would sue.
Two days later I got an email saying that the first email had gone to an unanswerable address. By now incandescent, I copied and pasted the first email to the address they indicated. I still get the popup reminders but no communications.
I will now turn to ZA as suggested by others, I don’t want my security in the hands of such a useless outfit.