Security company eEye on Wednesday published details of four security holes that affect a range of Symantec's client-based applications, including Norton Internet Security, Norton AntiVirus and Norton AntiSpam. Symantec has published a security response on its Web site.
 | ||||
|
| | ||
|
Get Up to Speed on... Enterprise security  Get the latest headlines and company-specific news in our expanded GUTS section. |
| ||
|
|
||||
|
|
||||
Symantec's Guido Sanchidrian, a product manager for antivirus, content filtering and security response, said the company has spent the past month developing fixes for the vulnerabilities and has now made the patches available to its customers.
"Anyone who regularly runs Symantec LiveUpdate should already be protected. However, to be sure, customers should manually run Symantec LiveUpdate," Sanchidrian said.
Philippe Alcoy, senior security consultant at eEye, said the people most at risk are those not protected by a perimeter firewall. This might include people at home, workers at smaller businesses and corporate laptop users not working through their VPNs.
"Most corporate environments have perimeter firewalls, so users behind that are only vulnerable to an internal attack, but users taking laptops home are at risk," Alcoy said.
Of the four flaws, three could allow a hacker to take control of an affected system, while one could be used to force a computer into an infinite loop by simply sending it a specially crafted packet of data.
"That's a big problem if the machine is a mission-critical server," Alcoy said.
The flaws were first reported to Symantec on April 19, which means the company has taken just under a month to develop a patch. According to eEye, this is a "reasonable" amount of time in which to address the vulnerabilities.
In January, Symantec plugged a gap in its LiveUpdate feature that could have allowed hackers to gain administrator rights on an affected PC. Just two months later, the company admitted its Internet Security package contained a back door that could be used by hackers to take control of the machine.
The flaws affect the following packages: Norton Internet Security and Norton Internet Security Professional 2002, 2003 and 2004; Norton Personal Firewall 2002, 2003 and 2004; Symantec Client Firewall 5.01 and 5.1.1; Symantec Client Security 1.0, 1.1 and 2.0 (SCF 7.1) and Norton AntiSpam 2004.
Symantec's Sanchidrian said the company does not believe any of its customers have been affected by the flaws at this time.
Munir Kotadia of ZDNet UK reported from London.
