Symantec plays-down security hole in Norton AntiVirus

However, a Symantec spokesperson told ZDNet Australia  that the flaw was not a threat to users because it only affected systems that are running Windows with administrator rights.

"Symantec would like to reiterate that the situation described is one of access rather than threat. The VBS scripts described can only be successfully run on the target system with administrator rights," the spokesperson said.

Security researcher Dan Milisic, who discovered the vulnerability in October, told ZDNet Australia  that Symantec is "missing the point" and trying to "mislead" its customers because Norton AntiVirus 2005 is an application designed for consumers, the majority of whom run their computers with administrator rights.

"They're not saying my code doesn't work because they can't -- it does. They can however choose to completely miss the point. Norton AntiVirus is aimed at the Home and SOHO market. There is a separate product for corporate protection. By default, in the Windows XP OOBE (Out Of Box Experience) users are administrators," Milisic said.

Foad Fadaghi, senior industry analyst at Frost & Sullivan Australia, who would not comment on this specific issue with Symantec, agreed that in general consumers tend to log in as administrators, which is why there have been so many problems with things like rogue diallers, which hijack a system's dial-up Internet connection and call premium rate numbers to run up huge bills.

"The malicious dialler programs need admin rights as well but there are widespread incidents of it happening. In businesses [admin rights] are not so much of an issue but in the consumer market it might be," Fadaghi said.

To further demonstrate the flaw, Milisic created a small 'movie' of his script in action.

In the movie, which has been seen by ZDNet Australia , Milisic demonstrates how running his scripts can infect an apparently protected computer with a virus.

Milisic said: 'You can see that Script Blocking gets completely uninstalled. Also notice that Auto-Protect doesn't kick in until you click on the tray icon and launch the NAV console. By then, the 'virus' has already launched -- you can see in the cmd.exe window.

"Putting this together was pretty simple and worth the effort to properly address Symantec's response. I will let the presentation speak for itself," he added.

• Related stories

• Alerts

Add your opinion

1. Norton AV, as a whole, is a sub-grade product, which has, somehow monopolized the Windows home pc security market. This is unfortunate, since their support and service in general is anything BUT usable by the home pc user. Does anyone know of a Anonymous -- 09/11/04

   Norton AV, as a whole, is a sub-grade product, which has, somehow monopolized the Windows home pc security market. This is unfortunate, since their support and service in general is anything BUT usable by the home pc user.
   
   Does anyone know of a comparable (but actually usable) alternative product for Windows? I've used Vexira on Linux for many years, with no problems, but, that may just be becuse there weren't problems to be had.

   • Reply to comment
   • Reply to story
   • Report offensive content

2. Dear ZNet Thank you so much for your news on NAV 2005. I have just downloaded on the 04/11/2004 and every thing worked fine until today, it came up with file missing and I have done live update and very thing shows okay on that end but still the Anonymous -- 10/11/04

   Dear ZNet
   Thank you so much for your news on NAV 2005.
   I have just downloaded on the 04/11/2004 and every thing worked fine until today, it came up with file missing and I have done live update and very thing shows okay on that end but still the email scanning is red and and my bottom bar it shows it is disabeled.
   I had also heaps of problems with NIS 2004 could not install even with Computer Technician help.
   So I have purchased for 3 computers a CD NIS 2005 could not install either.
   I am not happy.
   So I will Buy AVG because I am sick and tired to spend money and on the end it is not working.
   
   Yours Faithfully
   
   Elvira Reichmuth

   • Reply to comment
   • Reply to story
   • Report offensive content

3. So much software around is written without regard to how it might run when a non-administrator is logged on. And besides, why shouldn't the owner of the PC operate in Administrator mode. In a corporate environment fair 'nuff, but on the home Anonymous -- 11/11/04

   So much software around is written without regard to how it might run when a non-administrator is logged on. And besides, why shouldn't the owner of the PC operate in Administrator mode.
   
   In a corporate environment fair 'nuff, but on the home user front it is entirely meaningless to whitewash the whole problem with the simple statement that only administrators are at risk.
   
   And what about the poor old sys admins anyway, trying to patch machines logged in as administrator, but being vulnurable to attack because of it!

   • Reply to comment
   • Reply to story
   • Report offensive content

4. I bought the Norton 2005 AntiVirus to update. Upon finishing the install of the new program, my computer crashed, and message error - you may have installed new drivers, etc. When I uninstalled the Norton, my computer was fine. I reinstalled, crashed, Anonymous -- 25/11/04

   I bought the Norton 2005 AntiVirus to update. Upon finishing the install of the new program, my computer crashed, and message error - you may have installed new drivers, etc. When I uninstalled the Norton, my computer was fine. I reinstalled, crashed, same message. Eventually, it killed my hard drive, and I have lost everything. I tried to contact Norton, and they wanted $30 just to speak to someone. IMO, they suck! I am returning it today for a refund.

   • Reply to comment
   • Reply to story
   • Report offensive content

   1. norton antivirus Anonymous -- 14/11/05

      I have had the same problem although I didn't buy it.
      Only five days after installing 15 day free trial norton decided to tell me expiry date was up.
      Not so, they disabled antivirus I uninstalled anti virus now I have all sorts of problems.
      I contacted them and same, very hard to get someone it took me all day and failed to instruct me how to fix the problem.
      I have tried to gain access to my personal banking, cannot get in, along with a lot of other internet sites.
      I have had the bank and my internet provider go through everything and have informed me it is purely a norton issue.
      It is terrible, I am now a very unhappy person left high and dry because of norton.
      Never again will I look at their product.
      I am so glad I didn't buy it.
      What a hassle I would have.

      • Reply to comment
      • Report offensive content

• Just In

• Most Popular

• Most Discussed

Hot Spot - What's Important

Achieve continuous availability with high performance NonStop blade technology

Looking to buy a printer? Our superguide rates the latest printers and shines a light into the industry.

Download Your Microsoft Unified Communications Fact Pack now.

Microsoft Unified Communications - Take your Self Assessment Today.

Reader Services

Popular Topics

Essentials