Science and Technology : Symantec AntiVirus Worm Hole Puts Millions at Risk

Discussion in 'Science and Technology' started by anAfrican, May 27, 2006.

  1. anAfrican

    anAfrican Well-Known Member MEMBER

    Country:
    United States
    Joined:
    Feb 1, 2005
    Messages:
    3,484
    Likes Received:
    711
    Gender:
    Male
    Occupation:
    The Meek !Shall! Inherit the Earth.
    Location:
    StreetNationEarth: Seattle
    Ratings:
    +745
    A gaping security flaw in the latest versions of Symantec's anti-virus software suite could put millions of users at risk of a debilitating worm attack, Internet security experts warned May 25.

    Researchers at eEye Digital Security, the company that discovered the flaw, said it could be exploited by remote hackers to take complete control of the target machine "without any user action."

    "This is definitely wormable. Once exploited, you get a command shell that gives you complete access to the machine. You can remove, edit or destroy files at will," said eEye Digital Security spokesperson Mike Puterbaugh.

    continued
     
  2. OmowaleX

    OmowaleX Well-Known Member MEMBER

    Joined:
    Jun 23, 2002
    Messages:
    2,414
    Likes Received:
    39
    Gender:
    Male
    Occupation:
    Educator
    Location:
    Aztlan
    Ratings:
    +42
    Thanks brother anAfrican!

    I recently uninstalled not only norton but mac afee and reverted to an earlier, out of date version of norton. have not had browser problems since, except for some sites which have not updated their flash technology or have out of date plug-ins. *hint*
     
  3. jamesfrmphilly

    jamesfrmphilly going above and beyond PREMIUM MEMBER

    Country:
    United States
    Joined:
    Jun 18, 2004
    Messages:
    32,002
    Likes Received:
    11,479
    Gender:
    Male
    Occupation:
    retired computer geek
    Location:
    north philly ghetto
    Ratings:
    +13,735
    by coincidence i got a download from norton 5/25
     
  4. Sami_RaMaati

    Sami_RaMaati Well-Known Member MEMBER

    Country:
    United States
    Joined:
    Feb 2, 2006
    Messages:
    534
    Likes Received:
    168
    Ratings:
    +243
  5. jamesfrmphilly

    jamesfrmphilly going above and beyond PREMIUM MEMBER

    Country:
    United States
    Joined:
    Jun 18, 2004
    Messages:
    32,002
    Likes Received:
    11,479
    Gender:
    Male
    Occupation:
    retired computer geek
    Location:
    north philly ghetto
    Ratings:
    +13,735
    do you have a router?
    i have norton internet security suite running behind a router.
    i don't have a problem.

    the zonealarm suite is rated higher than norton and when my norton subscription is up i may switch.
    check out the sticky thread on protection.
    you should never have internet without protection.
     
  6. Slowly

    Slowly Well-Known Member MEMBER

    Joined:
    Feb 20, 2006
    Messages:
    405
    Likes Received:
    8
    Occupation:
    electronic technician
    Location:
    Pacific NW
    Ratings:
    +8
    I use the free version of these guys software. Been going on almost 8 years or more any never had any problem. I've tried all those others and there is always some patch or something to get them to work with Windows updates or other software I might be installing.http://www.avast.com/
     
  7. anAfrican

    anAfrican Well-Known Member MEMBER

    Country:
    United States
    Joined:
    Feb 1, 2005
    Messages:
    3,484
    Likes Received:
    711
    Gender:
    Male
    Occupation:
    The Meek !Shall! Inherit the Earth.
    Location:
    StreetNationEarth: Seattle
    Ratings:
    +745
    good!! "be very, very afraid!" .. or, at least, very wary of the "solutions" that "mainstream" application/os/computer vendors present: they are out to make money. and they do not at all mind that the big-bucks marketing campaigns they use gloss over "problems".

    as in all things: one must educate oneself on just what this stuff is, how it works and what it means. after all, "the price of freedom is eternal vigilance" .. sort of fits in with lots of things we face on a daily, don't it?

    personally, i've always had problems (when i ran windows) with za, any/all norton/symantec, or most of the stuff that the industry claims to "work best with windows". <shrug> but, that's mostly because i will always be a "do-it-yourselfer". the industry "hates" "us" because they can't make as much money off of someone that will fix stuff for themselves; figure out whether or not it is good for me _before_ the purchase; and just flat won't even look at the expensive options. oops; sorry - can't seem to ever keep from ranting about the bs ...

    i use, when setting up a windows box, avg, spybot s&d, spywareblaster. i, personally, have yet to find a firewall product that i like/trust for use on windows: my firewall/gateway is an old computer running FreeBSD and pf (packetfilter; one of several firewalling tools available, FREE, in an open source operating system environment). any of them that i set up, i turn off automatic updates; i'd much rather be there to see where my computer is going to to get stuff, as well as wanting to know what is being downloaded/installed. as such, i make it a habit to take time out, every couple of days, to go through an update cycle for all of them.

    as brother james said, there are some pointers here.

    the absolute scariest bit about the entire industry is that the industry is always involved in seeking to improve their products as well as improving on whatever it is that makes their product the "must have". while that is a good thing, the methods used are exactly the methods used by "malware"; most products will "report in" under a variance circumstances - "subscriptions" being one of them. when i buy something, i feel that it is mine; it is no one else's business what i do with it ("negative" or damaging uses of things is something that i will not do); and i will update it when i want to update it. in truth; i am absolutely no one's friend!!
     
  8. anAfrican

    anAfrican Well-Known Member MEMBER

    Country:
    United States
    Joined:
    Feb 1, 2005
    Messages:
    3,484
    Likes Received:
    711
    Gender:
    Male
    Occupation:
    The Meek !Shall! Inherit the Earth.
    Location:
    StreetNationEarth: Seattle
    Ratings:
    +745
    yeah; i know about the "glazed eyes" thing when talking about this stuff. but that is a direct result of the way this stuff has been "marketed": if one knows stuff about this stuff, then one can't continue to have the wool dragged over one's eyes. indeed; learning new stuff is hard, especially when self-learning is so looked down upon.

    on the other hand; you do have the tools on hand to do what you need!

    on the one hand, that router prolly has a firewall in it. on the other, this new-fangled wireless stuff is even trickier than other stuff. but, if one wants to play the game, one must learn the rules.

    what say "we" get to know that router and how to configure it? first step: which model router is it? there is bound to be a user's manual at dlink's website. do you have your set-up configured as phone -> westell -> computer? do you have more than one puter in the house? xp (sp2) and windows firewall <shudder!!!!>?

    "security settings tight" and "authorize pop-ups": sounds like internet explorer. i know that it is not a "popular" idea, don't use internet explorer (or outlook/express, or office, or, for that matter; windows). (and you thought i was about to make it easier!) firefox (well, i still prefer mozilla) has all that pop-up blocking stuff built in. (it also has "tabs" so that one can open a link from a page without leaving that original page. yeah, internet explorer is adding that feature, and others; but one must always bear in mind the "embrace, extinguish and extend" philosophy behind that monolith: it will work for them much better than it will work for you!)

    other things you can do: turn off java, javascript, activex and flash. yup! that is gonna mess up a whole bunch of internet! but would you rather be safe, or open to all sorts of stuff? mainstream tools make it look like one is all sorts of "protected" ... but what is the "cost" of that "protection"? anything that is sitting down there in the system tray when you start your puter is using up resources that you could be using, "just in case" you actually want to use the application(s). start-up cop, or even simply, msconfig, will allow you not load all that stuff at start-up. run only what you need to run when you need to use it. sure, it might take a whole 10 seconds longer to start it, but it ain't there in the background doing who-knows-what while you are doing other stuff

    as to "what and where"; toss the questions, let's see if we can get a bit better understanding of what/where, eh? if you want, you can email me, or we can do it here ...