hackfix-virusnews: Symantec 'security scan' distributes rootkit
- From: "Christy" <snowz@xxxxxxxxxx>
- To: hackfix-virusnews@xxxxxxxxxxxxx
- Date: Wed, 16 Jul 2003 13:59:10 -0400
Symantec 'security scan' distributes rootkit
By Thomas C Greene in Washington
Posted: 15/07/2003 at 15:01 GMT
"Symantec Security Check is a free web-based tool
that enables users to test their computer's
exposure to a wide range of on-line threats," the
press release begins. Unfortunately, Symantec
Security Check has also been installing an on-line
threat of its own in the form of a dangerous ActiveX
control.
"The ActiveX control, named Symantec RuFSI Utility
Class or Symantec RuFSI Registry Information Class,
contains a buffer overflow exploit," the company
says, though we're nearly certain they mean that it's
exploitable, not that it's actually been infected
with something. But you never know; the press release
is one of those waffly ones that doesn't quite tell
you everything you want to hear.
The buffer overflow can be exploited by hip
Webmasters, and victims turning up at their sites
risk having malicious code run on their Windows
boxes.
Read more here:
http://www.theregister.co.uk/content/55/31752.html
=A9 The Register.
~*~*~*~*~
To unsubscribe from our list send an email
to hackfix-virusnews-request@xxxxxxxxxxxxx?Subject=unsubscribe.
For a complete list of email commands for our list send
an email to ecartis@xxxxxxxxxxxxx with a subject line of
"info hackfix-virusnews" without the quotes.
~*~*~*~*~
Other related posts:
- » hackfix-virusnews: Symantec 'security scan' distributes rootkit
