Flaw stymies Norton Internet Security
An ActiveX component used by Symantec's flagship desktop security program could enable hackers to use the application as a backdoor into a person's computer system.
The flaw occurs in an
Get Up to Speed on... Enterprise security Get the latest headlines and company-specific news in our expanded GUTS section. | ||||
Symantec's Antispam software has a similar issue caused by a different ActiveX component. ActiveX is a Microsoft technology for creating scripts, small programs that can add functionality to a computer or a Web site.
Symantec released fixes for the flaws that can be downloaded from its site, using LiveUpdate, the standard update mechanism included with the programs.
"To date, Symantec has not had any reports of any related exploits, and exploit code has not been posted, but we will continue to evaluate this issue," the company said in a statement sent to CNET News.com. "Symantec issued a fix on March 18 for customers to download via LiveUpdate."
Last December, Symantec fixed a problem that affected a small percentage of the more than 1.2 million users of the company's Norton Antivirus 2004, Norton Internet Security 2004, Norton Antispam 2004 and Norton SystemWorks 2004. For those customers, the applications would mistakenly ask for a product activation code every time a PC was rebooted, and eventually the program would become locked.