Symantec and Trend grapple with buffer overflow bugs
Who guards the guards?
Regcast training : Hyper-V 3.0, VM high availability and disaster recovery
Security products from both Trend Micro and Symantec - two of the big three anti-virus players - have become the subject of serious security vulnerabilities.
Errors in Symantec's Decomposer engine create a denial of service or system compromise risk for several enterprise security products (such as Mail Security for Microsoft Exchange and AntiVirus for Network Attached Storage).
Vulnerabilities triggered when processing malformed RAR archive files might be used to inject malware onto vulnerable systems (in the most serious case) or crash servers.
Security researchers at iDefense discovered the flaws. Symantec published an advisory on Tuesday explaining how sys admins can update their software.
Decomposer components decompress or unpack files. The components have been something of a weak spot in Symantec products of late. As well as being the root cause of the latest security bugs, troubles in updating Decomposer files were behind an error-generating bug that caused all sorts of grief for corporate sys admins earlier this month.
Separately, independent security researchers have discovered buffer overflow bugs in OfficeScan and Policy Server software packages from Trend Micro. Sys admins are advised to restrict network access to the services pending the availability of patches. ®
COMMENTS
RE: Awful Quality
I don't care much about Symantec, but comparing them to AVG is not a fair comparison.
AV packages are a lot more than scanners nowadays, and if you buy a kit from AVG that contains only various scanners (Malware, Spyware, Rootkit) of course it will be lighter than Symantec, but it will also offer a lot worse protection.
Just having plain scanner solution is not enough nowadays.
1. The most dangerous malware is the one that AV company has not seen yet, and there are more than 500 new cases per day. So AV reaction speed is not what it was.
2. Good part of the modern attacks come from direct exploits, such as drive by downloads or browser plugin attacks. And in those cases scanner based AV warns only when it is too late, if even then.
But that being said, there are a lot better solutions available than Symantec.
www.Symantec-Sucks.blogspot.com
If you get malware on your PC, then you MIGHT have stability issues and you MIGHT have performance issues. With Symantec Security software installed, you can remove all doubt.
Read it & weep: http://symantec-sucks.blogspot.com/
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
