Symantec, McAfee, and Computer Associates have all fixed serious flaws in their software with recent patches and updates.
Symantec, McAfee, and Computer Associates have all recently announced fixes for vulnerabilities in their products.
McAfee's advisory describes problems, which were actually patched silently in March, in a variety of products including VirusScan and the company's Internet Security Suite . Flawed ActiveX controls could be exploited by malicious Web sites to run arbitrary code.
Symantec's issues with an ActiveX control in Norton Internet Security 2006 could also lead to arbitrary code execution. They have also been fixed through updates that are available through LiveUpdate.
CA's problems , in its CA Anti-Virus for the Enterprise, CA Threat Manager, and CA Anti-Spyware, are more difficult to exploit. They require local access, meaning the attacker has to get a program on the user's system and run it first. They could lead to elevated privileges. They have also been fixed by updates through normal channels.
Copyright 2007 by Ziff Davis Media, Distributed by United Press International
Related stories:
Critical QuickTime Update Released
Apple has fixed a bad QuickTime security flaw exposed at a recent security conference.
IBM Plugs Two Holes in Lotus Domino Security
The company patches flaws that could have allowed hackers to execute code remotely in Lotus Domino Web Access, Lotus Domino Server 7.0.1
NFL defenses finally go high tech
Can you hear me? Can you hear me now? The all-too-familiar cell phone refrain can now be heard on NFL fields every Sunday, as defensive coaches this season were given the go-ahead to radio calls into their players' helmets. Quarterbacks have had speakers in their helmets since 1994, and now, for the first time in league history, selected linebackers and safeties enjoy the same benefit.
Optical firewall aims to clear internet security bottlenecks
(PhysOrg.com) -- European researchers are developing the world’s first optical firewall capable of analysing data on fibre optic networks at speeds of 40 gigabits per second. Their work promises to save the internet from the looming threat of network security bottlenecks.
Google G1 Phone: Security Flaw Exposed
(PhysOrg.com) -- A group of Security Researchers exposed a security flaw in Google´s G1 Android phone. The flaw is in the web browser on the T-Mobile G1 that can potentially allow Trojans and Keyloggers to install themselves on your phone if you visit a website with malicious code.
Landmark study reports breakdown in biotech patent system
The world's intellectual property system is broken. It's stopping lifesaving technologies from reaching the people who need them most in developed and developing countries, according to the authors of a report released in Ottawa today by an international coalition of experts.
Keeping an eye on intruders
Electronic fingerprinting, iris scans, and signature recognition software are all becoming commonplace biometrics for user authentication and security. However, they all suffer from one major drawback - they can be spoofed by a sufficiently sophisticated intruder. Writing in the
International Journal of Biometrics, Japanese researchers describe a new approach based on a person's reflexes that could never be copied, forged, or spoofed.
Measuring the auditory dynamics of selective attention
Call it the cocktail party effect: how an individual can participate in a one-on-one conversation within a cluster of people, switch to another, pick up important comments while tuning out others, change topics and return to the first conversation.