Symantec Confirms AV Library Flaw, Promises Patch

the_flyswatter writes "Anti-virus vendor Symantec Corp. has publicly acknowledged that a high-risk buffer overflow vulnerability in its AntiVirus Library could lead to code execution attacks when RAR archive files are scanned. The company confirmed the issue was a buffer overflow in the AntiVirus component used to decompose RAR (Roshal Archive) files. 'A specially crafted RAR file could potentially cause this buffer overflow to occur and execute hostile content from the RAR file,' the advisory read. The bug also affects 15 consumer products, including the widely deployed Symantec Norton AntiVirus, Symantec Norton Internet Security Professional, Norton Personal Firewall and Symantec Norton Internet Security for Macintosh."

Re:You know what this means -

[advocate_one]

Gee, that sounds serious, and these viruses don't tell you that they've just installed themselves. What someone should make then is some sort of software that scans your system for viruses and warns you if your system has been compromised...

what someone should make is a consumer grade operating system that's secure by design in the first place... ms-windows ISN'T...

Re:You know what this means -

[thebes]

And how many other people call it ms-windows? And grandpa, when are you going to tell us the story of how you had to pedal a generator bike so you could punch away at cards for an hour a day, huh? Tell us more bullshit, I meant stories!