Symantec Corp. has confirmed flaws in its most popular consumer security software that could give attackers the means to hijack the Windows PCs that the programs are supposed to protect.

The vulnerabilities are in an ActiveX control that ships with several products, including Norton AntiVirus, Norton Internet Security, Norton SystemWorks and Norton 360.

Ironically, Symantec analysts have both cited the popularity of ActiveX bugs and urged caution when using the controls in comments about other companies’ product flaws.

According to alerts released Wednesday by VeriSign Inc.’s iDefense, the ActiveX control SymAData.dll sports two vulnerabilities that could be used “to execute arbitrary code with the privileges of the currently logged in user” by attackers able to entice victims to malicious Web sites.

Click here to read the rest of the story…

This entry was posted on Friday, April 4th, 2008 at 10:39 pm and is filed under News. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.