FirstAdopter.com

Norton Antivirus Vulnerabilities

Remember when we bought anti-virus software and it was supposed to protect us, not make us vulnerable for more security attacks? Symantec admitted this week its anti-virus software had two holes that could of let a hacker crash your computer or use it for launching denial-of-service attacks to slow computers to a crawl. The company has sent out a patch to fix it, so be sure to update your software ASAP.

The flaw essentially causes Symantec's software to crash when it is asked to inspect a file specifically designed to exploit the flaw. The file could be submitted either remotely from outside a system or internally by someone with physical access to a computer, Symantec said.

The second flaw, discovered by the Japan Computer Emergency Response team, can be used to launch denial-of-service attacks by scanning specific file modifications using the SmartScan feature in Norton AntiVirus. Symantec said that any malicious use of that vulnerability would specifically require someone with authorized access to a computer to exploit the issue. SmartScan is designed to scour for viruses hidden in file extensions, as well as in executable and document files.