Symantec Warns Of Bug In Norton Internet Security

The security company has issued a product update to fix a buffer overflow vulnerability in an ActiveX control.

Symantec is warning users that an ActiveX control in its Norton Internet Security product could enable a remote hacker to take over the system.

The security company called the flaw a "medium" risk, but vulnerabilities that enable remote control of a system frequently are considered "critical" bugs. The flaw, according to the U.S.-CERT, also could allow a hacker to cause a victim's browser to crash.

According to a Symantec advisory, an ActiveX control used by Norton Personal Firewall 2004 and Norton Internet Security 2004 contains a buffer overflow vulnerability. Researchers at the U.S.-CERT notified Symantec of the vulnerability.

Symantec has provided fixes for the flaw through product updates that are available through LiveUpdate.

To exploit the vulnerability, an attacker would lure a user into viewing malicious HTML code. Generally, to do this, hackers send potential victims an e-mail with either a malicious attachment or a link to a Web site that has malicious code embedded in it. The company reported in its advisory that its researchers haven't seen any exploits of the bug circulating on the Internet.

Symantec's Norton Internet Security product is a Windows-based system that includes antivirus, firewall, intrusion detection, and privacy protection, along with spam and content filtering. An ActiveX control is a set of rules for how applications share information.
