Hackers Allege Flaw in Symantec's Antivirus Line
German group warns that LiveUpdate can be easily rerouted and customer PCs invaded.
Sam Costello, IDG News Service
The tool used to update the virus definitions in Symantec's antivirus products has a security hole that can allow hostile code to be downloaded to PCs, according to the German hacking group Phenoelit.
LiveUpdate, the software used by Symantec's antivirus software to automatically update virus protections when updates become available, has flaws in both the 1.4 and 1.6 versions that allow for the attacks, Phenoelit says. When LiveUpdate 1.4 looks for updates, it attempts to connect to a specific server at Symantec, the group said. That connection, however, can be hijacked using a number of Domain Name Server attacks and rerouted to the server of the attacker's choice, Phenoelit says. If an attacker recreates the proper directory structure on the server the connection is sent to, any code can be downloaded to the user's machine and executed, the group says.
Version 1.6 doesn't have a vulnerability that is quite as extensive, but it can fall victim to a network performance degradation attack, the group adds. The use of a special Symantec data format for the updates and cryptographically signed update files prevents the kind of attack that LiveUpdate 1.4 is open to, according to Phenoelit. Version 1.6 can also be prevented from receiving any updates, even if they are available, by hijacking the connection and manipulating some files on the destination server, the group says.
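The difference between the two versions comes down to whether the client trusts the server it reached or the content it received. The sketch below is an added example, not Symantec's or Phenoelit's code: it shows an update client that accepts a file only if it verifies against a vendor key pinned in the client. Ed25519, the `Update` type and the function names are assumptions, since the article does not say which signing scheme or format LiveUpdate 1.6 uses.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Update is what the client fetched; the server it came from is untrusted.
type Update struct {
	Payload   []byte // update file contents
	Signature []byte // detached signature over SHA-256(Payload)
}

var ErrBadSignature = errors.New("update rejected: signature does not verify")

// VerifyUpdate accepts an update only if it was signed by the vendor key
// pinned in the client. A rerouted connection can change what is served,
// but it cannot produce a valid signature without the vendor's private key.
func VerifyUpdate(pinned ed25519.PublicKey, u Update) error {
	digest := sha256.Sum256(u.Payload)
	if len(pinned) != ed25519.PublicKeySize || !ed25519.Verify(pinned, digest[:], u.Signature) {
		return ErrBadSignature
	}
	return nil
}

// Demo runs three constructed cases: a genuine update, the same update with
// its payload swapped, and an update signed by a key the client does not pin.
func Demo() (genuine, modified, foreign error) {
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(nil) // nil means crypto/rand
	_, otherPriv, _ := ed25519.GenerateKey(nil)
	sign := func(k ed25519.PrivateKey, p []byte) Update {
		d := sha256.Sum256(p)
		return Update{Payload: p, Signature: ed25519.Sign(k, d[:])}
	}
	good := sign(vendorPriv, []byte("definitions v2 (constructed sample)"))
	swapped := good
	swapped.Payload = []byte("replaced content (constructed sample)")
	other := sign(otherPriv, []byte("replaced content (constructed sample)"))
	return VerifyUpdate(vendorPub, good), VerifyUpdate(vendorPub, swapped), VerifyUpdate(vendorPub, other)
}

func main() {
	g, m, f := Demo()
	fmt.Println("genuine:", g, "| payload swapped:", m, "| foreign key:", f)
}
```

A check like this rejects substituted content no matter which server answered, but it does nothing about the case reported for version 1.6, where updates are simply kept from arriving.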
Symantec Silent
Phenoelit says it notified Symantec of the flaw on September 22. Symantec did not immediately return calls seeking comment.
The practice of posting details about a vulnerability has raised discussion in the security community. Some advocate giving vendors time to respond before publicizing a software flaw--although the amount of time that is sufficient and fair is also up for debate. Others question the motivation of hackers and others who trumpet software flaws that can be exploited as security holes.
The group advised users to upgrade to LiveUpdate 1.6, though it noted that LiveUpdate 1.6 is still vulnerable to the network degradation attack. It also urged Symantec to use new cryptographic signing methods and to tell its customers about the security flaws in LiveUpdate 1.4.