Computer Help Community

Community

Cyber Tech Help Community

New Tutorials

More Tutorials
PC Tutorials

New Downloads

More Downloads
PC Downloads

Member Testimonials

Open Member Quote   I for one would like to say a word of appreciation and thanks to the moderators who help so many people on this forum. I would also like to remind all you people who post your urgent problems on any of the forums that it only takes a minute to say "thank you" to the person who helps you resolve your problem. I know how very frustrating it is to follow a problem until it is (presumably) resolved and then have the person who posed the problem disappear without any acknowledgement of having been helped. Think how you would feel is you had invested your time and your expertise in helping someone and they didn't even say "thank you." - jayt  Close Member Quote
Member Testimonials
MY CYBER TECH HELP

LATEST TOPICS

Tech Help Community

Free Antivirus Scan

Free Virus Scan and a listing of the top 10 viruses in the wild - Free Antivirus Scan
Free Online Antivirus Scan

File Extension Database

Find what program a filetype belongs to in our searchable File Extension Database.
File Extension Database

Related Microsoft Links

Technet

Expert Zone Community
Services
Cyber Tech Help Community

To the top of the page to top

 



Computing News | Critical Flaw Affects Symantec AntiVirus

Latest News Latest News | News ArchiveNews Archive | Cyber Tech Help News RSS Feed!

Posted by: Tweaker
Date added: 23:02 Wednesday, 21st December 2005 GMT
Source: Beta News

Symantec

flaw within Symantec AntiVirus could open users' computers to the execution of arbitrary code when a specially crafted RAR file is scanned, independent security researcher Alex Wheeler said in an advisory on his Web site Tuesday.

Wheeler's work centers on looking for remote stack, heap and buffer overflows, mainly in antivirus products. In the case of this particular flaw, the problem is a result of unchecked 16bit length fields in RAR sub-block header types.

The flaw allows an attacker to assume complete control of the affected computer, without any user interaction in the default configuration of the antivirus software. Wheeler said that a hacker could exploit the vulnerability through common Internet protocols like SMTP.

"Successful exploitation of Symantec protected systems allows attackers unauthorized control of data and related privileges," he wrote in the advisory. "It also provides leverage for further network compromise."

RAR files are being used in increasing numbers by attackers to circumvent antivirus software. Until recently, many scanners did not look inside compressed files. But now that virus writers are trying to use them as payloads for malware, it has become necessary to do so.

However, the fact that this new feature can actually open up an entirely new vulnerability may be disconcerting to some. Until it is fixed, Wheeler recommends that Symantec users turn off RAR scanning, and practice caution when downloading any RAR file.

Tools:  Tools: Post a comment | Link to this news item | Send to a friend | Submit News

 

Post a commentPost a comment

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!  Register to become a member!  Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.

 

[ To the top of the page To top | Latest News Latest News | News Archive News Archive | Cyber Tech Help News RSS Feed! ]