By Robert Lemos, 25 June 2003 14:34
NEWS Security firm Symantec has admitted that a flawed piece of software may give hackers a path into customers' PCs. Symantec has issued a warning to users of its online Security Check service, admitting they have probably downloaded a flawed ActiveX control that could be used by an intruder as a path into the victim's PC. Security Check is meant to help people lock down their systems and loads an ActiveX script that aids in scanning a person's computer. Ironically, the ActiveX script, which remains on the computer even after scanning, contains a memory flaw that could be used by an attacker to break into the PC. Symantec has replaced the ActiveX component - which uses the name Symantec RuFSI Utility Class or Symantec RuFSI Registry Information Class - uploaded by the site with a new one that overwrites the old software and solves the problem. "Recent visitors to Symantec Security Check should revisit the site and run a new security scan," the company stated in its advisory. ActiveX is a Microsoft technology for running small programs, or scripts, using a special language understood by Internet Explorer. The technology has been a source of some major flaws for the Windows platform. The components are stored in the registry portion of the operating system. The advisory appeared two days after an independent security researcher revealed the flaw on the Full Disclosure security list. Cesar Cerrudo, who discovered the flaw, said "this is really funny. Symantec tries to protect users and they introduce dangerous ActiveX controls in user's computers" instead. Cerrudo said he neither tried to contact Symantec about the warning nor gave them 30 days, a standard grace period, to fix the flaw. "I forgot about the 30-day grace period... also I forgot to report it," he wrote in his own advisory, tacking a smiley emoticon to the end. Symantec wasn't pleased by the lack of a warning. The company wrote "it is ours as well as much of the security community's belief that premature disclosure can pose a serious threat to the internet. Such disclosure should be discouraged." Robert Lemos writes for News.com
In order to post a comment you need to be registered and logged in.
Log in or create your silicon.com account below