A gaping security flaw in the latest versions of Symantec's anti-virus software suite could put millions of users at risk of a debilitating worm attack, Internet security experts warned May 25.

Researchers at eEye Digital Security, the company that discovered the flaw, said it could be exploited by remote hackers to take complete control of the target machine "without any user action."

"This is definitely wormable. Once exploited, you get a command shell that gives you complete access to the machine. You can remove, edit or destroy files at will," said eEye Digital Security spokesperson Mike Puterbaugh.

continued (http://www.eweek.com/print_article2/0,1217,a=179335,00.asp)

A gaping security flaw in the latest versions of Symantec's anti-virus software suite could put millions of users at risk of a debilitating worm attack, Internet security experts warned May 25.

Researchers at eEye Digital Security, the company that discovered the flaw, said it could be exploited by remote hackers to take complete control of the target machine "without any user action."

"This is definitely wormable. Once exploited, you get a command shell that gives you complete access to the machine. You can remove, edit or destroy files at will," said eEye Digital Security spokesperson Mike Puterbaugh.

continued (http://www.eweek.com/print_article2/0,1217,a=179335,00.asp)
Thanks brother anAfrican!

I recently uninstalled not only norton but mac afee and reverted to an earlier, out of date version of norton. have not had browser problems since, except for some sites which have not updated their flash technology or have out of date plug-ins. *hint*

A gaping security flaw in the latest versions of Symantec's anti-virus software suite could put millions of users at risk of a debilitating worm attack, Internet security experts warned May 25.

Researchers at eEye Digital Security, the company that discovered the flaw, said it could be exploited by remote hackers to take complete control of the target machine "without any user action."

"This is definitely wormable. Once exploited, you get a command shell that gives you complete access to the machine. You can remove, edit or destroy files at will," said eEye Digital Security spokesperson Mike Puterbaugh.

continued (http://www.eweek.com/print_article2/0,1217,a=179335,00.asp)
by coincidence i got a download from norton 5/25

The article I read said that the consumer version of the product was not vulnerable. It's the commercial versions (sold to corporations and institutions) that have the flaw.

http://edition.cnn.com/2006/TECH/internet/05/25/antivirus.flaw.ap/index.html

Okay, you are scaring me!!
This computer is my bread and butter (well, at least my butter) what with all the on-line gigs I hold.

Please tell me what I should do to protect. I have basic Norton, Webroot Spysweeper, adaware, and spybot search. I just updated Symantec/Norton.

Should I upgrade to the 50 dolla package I see on the website, or should I switch to a new company altogether? I heard that AOL has good virus protection.

Thanks in advance,
-Aglo
do you have a router?
i have norton internet security suite running behind a router.
i don't have a problem.

the zonealarm suite is rated higher than norton and when my norton subscription is up i may switch.
check out the sticky thread on protection.
you should never have internet without protection.

I use the free version of these guys software. Been going on almost 8 years or more any never had any problem. I've tried all those others and there is always some patch or something to get them to work with Windows updates or other software I might be installing.http://www.avast.com/

Okay, you are scaring me!!
This computer is my bread and butter (well, at least my butter) what with all the on-line gigs I hold.

Please tell me what I should do to protect. I have basic Norton, Webroot Spysweeper, adaware, and spybot search. I just updated Symantec/Norton.

Should I upgrade to the 50 dolla package I see on the website, or should I switch to a new company altogether? I heard that AOL has good virus protection.

Thanks in advance,
-Aglo
good!! "be very, very afraid!" .. or, at least, very wary of the "solutions" that "mainstream" application/os/computer vendors present: they are out to make money. and they do not at all mind that the big-bucks marketing campaigns they use gloss over "problems".

as in all things: one must educate oneself on just what this stuff is, how it works and what it means. after all, "the price of freedom is eternal vigilance" .. sort of fits in with lots of things we face on a daily, don't it?

personally, i've always had problems (when i ran windows) with za, any/all norton/symantec, or most of the stuff that the industry claims to "work best with windows". <shrug> but, that's mostly because i will always be a "do-it-yourselfer". the industry "hates" "us" because they can't make as much money off of someone that will fix stuff for themselves; figure out whether or not it is good for me _before_ the purchase; and just flat won't even look at the expensive options. oops; sorry - can't seem to ever keep from ranting about the bs ...

i use, when setting up a windows box, avg, spybot s&d, spywareblaster. i, personally, have yet to find a firewall product that i like/trust for use on windows: my firewall/gateway is an old computer running FreeBSD and pf (packetfilter; one of several firewalling tools available, FREE, in an open source operating system environment). any of them that i set up, i turn off automatic updates; i'd much rather be there to see where my computer is going to to get stuff, as well as wanting to know what is being downloaded/installed. as such, i make it a habit to take time out, every couple of days, to go through an update cycle for all of them.

as brother james said, there are some pointers here (http://destee.com/forums/showthread.php?t=39335).

the absolute scariest bit about the entire industry is that the industry is always involved in seeking to improve their products as well as improving on whatever it is that makes their product the "must have". while that is a good thing, the methods used are exactly the methods used by "malware"; most products will "report in" under a variance circumstances - "subscriptions" being one of them. when i buy something, i feel that it is mine; it is no one else's business what i do with it ("negative" or damaging uses of things is something that i will not do); and i will update it when i want to update it. in truth; i am absolutely no one's friend!!

yeah; i know about the "glazed eyes" thing when talking about this stuff. but that is a direct result of the way this stuff has been "marketed": if one knows stuff about this stuff, then one can't continue to have the wool dragged over one's eyes. indeed; learning new stuff is hard, especially when self-learning is so looked down upon.

on the other hand; you do have the tools on hand to do what you need!

on the one hand, that router prolly has a firewall in it. on the other, this new-fangled wireless stuff is even trickier than other stuff. but, if one wants to play the game, one must learn the rules.

what say "we" get to know that router and how to configure it? first step: which model router is it? there is bound to be a user's manual at dlink's website. do you have your set-up configured as phone -> westell -> computer? do you have more than one puter in the house? xp (sp2) and windows firewall <shudder!!!!>?

"security settings tight" and "authorize pop-ups": sounds like internet explorer. i know that it is not a "popular" idea, don't use internet explorer (or outlook/express, or office, or, for that matter; windows). (and you thought i was about to make it easier!) firefox (well, i still prefer mozilla) has all that pop-up blocking stuff built in. (it also has "tabs" so that one can open a link from a page without leaving that original page. yeah, internet explorer is adding that feature, and others; but one must always bear in mind the "embrace, extinguish and extend" philosophy behind that monolith: it will work for them much better than it will work for you!)

other things you can do: turn off java, javascript, activex and flash. yup! that is gonna mess up a whole bunch of internet! but would you rather be safe, or open to all sorts of stuff? mainstream tools make it look like one is all sorts of "protected" ... but what is the "cost" of that "protection"? anything that is sitting down there in the system tray when you start your puter is using up resources that you could be using, "just in case" you actually want to use the application(s). start-up cop, or even simply, msconfig, will allow you not load all that stuff at start-up. run only what you need to run when you need to use it. sure, it might take a whole 10 seconds longer to start it, but it ain't there in the background doing who-knows-what while you are doing other stuff

as to "what and where"; toss the questions, let's see if we can get a bit better understanding of what/where, eh? if you want, you can email me, or we can do it here ...

Thanks Brothas James and AnAfrican,

Y'all are speaking another language to my ears. :( All I know is that my computer is firewalled, and I do have a dlink wireless router, that I currently don't use. When I do plan to use it again, I know I'll have to call Verizon to help me re-configure it, because I changed my westell modem. My security settings are set pretty tight, which means I have to authorize all pop-ups. It's annoying, but it makes me feel safer.

Well, I'm going to tackle those sites you provided through the link, and hopefully get some edumacation, but it'll be hard. This stuff is greek to me. I don't know what half of those things are or where they are located.

Thank you both again for your advice!:)

-Aglo