Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
Symantec Patches Firewall FlawsSymantec Patches Firewall Flaws
The company has posted a security advisory on its Web site and made patches available for the third group of vulnerabilities since the start of the year.
1 Min Read
On the same day that Symantec Corp. updated its enterprise edition firewall, it acknowledged critical security flaws within many of its most popular firewall products.
The four vulnerabilities revealed Wednesday affect both consumer and business products. Users of Norton Internet Security, Norton AntiSpam, Norton Personal Firewall, Symantec Client Firewall, and Symantec Client Security are at risk, said Symantec, because of flaws within the firewall technology that Symantec uses in the products.
The vulnerabilities were uncovered April 19 by eEye Digital Security, and passed along to Symantec.
Three of the security holes could allow an attacker to insert and execute code of his choice on the machine--a Trojan horse, for instance, to control it remotely--while the fourth could result in a denial-of-service attack that would crash the computer.
Symantec has posted a security advisory on its Web site, and made patches available through its LiveUpdate service.
Customers running the corporate versions of Symantec Client Firewall or Symantec Client Security should download and apply the patches through their appropriate support channels, Symantec urged, while consumers using the Norton line should do a manual LiveUpdate rather than wait for the next scheduled download.
The latest group of vulnerabilities is the third since the beginning of the year. In January, Symantec fixed a LiveUpdate gaffe that could have let hackers obtain administrator rights to a PC; in March, the company noted that machines running its Norton Internet Security could be hijacked by attackers.
About the Author
You May Also Like
More Insights
