Symantec plugs antivirus security holes
Symantec has published a report about two software flaws in its antivirus product that could crash users’ computers.
One of the vulnerabilities caused Norton AntiVirus 2004 and 2005 to freeze when scanning a particular file type for viruses. This would ultimately cause the system to hang and require a reboot.
The second flaw occurred in Norton AntiVirus 2005 when a file name was changed on a network shared disk. Under certain circumstances this would result in excess CPU consumption and ultimately a system crash.
The security software company lists the threat as low risk, and to its knowledge no live systems have been affected by the flaws. Users running Symantec’s LiveUpdate service have already received a patch that fixes the problem.
The company advises any users not using LiveUpdate to manually update their antivirus software. Unpatched systems are vulnerable to attack through the web or email.