Options

Flaw in Norton Internet Security?

Unknown
edited March 2004 in Science & Tech
A software component of Norton Internet Security could allow hackers to use the application as a backdoor into a person's computer system, security researchers warned Friday.

[blockquote]"The attack can be achieved either by encouraging the victim to visit a malicious Web page or placing a script within...an HTML e-mail," the advisory stated.
[/blockquote]
[link=http://news.com.com/2100-7355_3-5176442.html?tag=nefd_top]The full report[/link]

Comments

  • Straight_ManStraight_Man Geeky, in my own way Naples, FL Icrontian
    edited March 2004
    Also, same article:
    Symantec released fixes for the flaws that can be downloaded from its site, using LiveUpdate, the standard update mechanism included with the programs.

    At least they DID patch it....

    John D.
  • ginipigginipig OH, NOES
    edited March 2004
    Considering how many virii/trojans are spread via email & Outlook clients (or any other html-based reader,) you'd think that the general populace would turn to text-based alternatives.
  • primesuspectprimesuspect Beepin n' Boopin Detroit, MI Icrontian
    edited March 2004
    The general populace has no idea what you just said.... That's the primary problem. Most of the general populace does not know what they use for email. They think outlook is called "email" and internet explorer is called "the internet". They don't know what HTML is, or that there is such a thing as text-based clients, or what a client is, or that different clients exist.
  • Straight_ManStraight_Man Geeky, in my own way Naples, FL Icrontian
    edited March 2004
    primesuspect wrote:
    The general populace has no idea what you just said.... That's the primary problem. Most of the general populace does not know what they use for email. They think outlook is called "email" and internet explorer is called "the internet". They don't know what HTML is, or that there is such a thing as text-based clients, or what a client is, or that different clients exist.


    Quite true. Also, text email where you have to cut-n-paste links would be considered archaic by many folks. HOWEVER, most pros use mostly or all text based email these days, because 90% of viruses vector through email totally or else in that way as well as other ways.

    I get some HTML email from publishers that scan befopre sending it, but it is ALSO scanned before it is opened on my end and I also scan periodically, like every three days, the whole systems I use. My ROUTER weill tell me if strange port open attempts are made, so will my firewall on each client. BUT, I still scan for AV regularly, adn the AV picks up updates daily at night (typically just before dawn). So, either use text email or be DANG careful. OE and Outlook CAN be set not to use HTML email. Not easy, can be done.

    Right idea, but Joe or Sam or Lydia or Rochelle on the street does not understand WHY or how important it is, and that is why I keep repeating this same refrain and would say Ginipig is right to do the suggestion. Idea needs to be said, for those who will look and see why it is said.

    My AV knows 112729 distinct malware things at this time. 404 are Linux DOS (Denial Of Service) style malwares that are still floating "on the internet", rest are Windows app or O\S level attacks.

    John D.
Sign In or Register to comment.