Security hole found in Symantec anti-virus software

A new security hole in Symantec’s anti-virus program involves the decompression of RAR files, which can be abused to create “heap overflows”.

To create a heap overflow, a malicious hacker sends large amounts of data that overwhelm a buffer, an area used for temporary data storage. This attack, similar to a buffer overflow, lets attackers overwrite portions of a system’s memory in order to run their own malicious code.

Symantec users are vulnerable to the attack when their anti-virus software scans the RAR files for viruses or worms, Wheeler wrote. The attack can be launched via e-mail without the user having to open the message or click on an attachment, he said.

Source: TechWorld

To avoid this security hole for now, you can disable the scanning of RAR files. A fix should be out shortly.

© 2005-2007 PC Self Help