Bonusgambler.com - Win Rar
Bonusgambler.com Links Directory logo

Bonusgambler.com - Online Player Help
Search : Directory Search
Email:  

Gambling Help Resources: Sign up for FREE to the best Newsletter on gambling!
We track all the great gambling sites out there and help you zero in on the really great deals.
Bonusgambler.com - win rar
"We will show you how to safely gamble, bet and play online."
B. Paul, Editor, Bonusgambler.com

Symantec said vulnerability hit 63 products - RAR files and WinRAR

According to Information Week last December, a bug almost caused havoc when it "attacked" RAR files created by the WinRAR compression utility. Last December Symantec named more than 60 of its products as affected by the critical vulnerability disclosed a few days earlier and said it was pushing out a "heuristic" detection that would spot potential exploits. However, no patches had yet been released.

The number of impacted products was among the largest ever for a single vulnerability, and demonstrated the risk of reusing code in a large group of programs.

The bug, which was made public in December by researcher Alex Wheeler, is in how Symantec's Antivirus Library, part of virtually all the Cupertino, Calif.-based security giant's programs, handles RAR compressed files. RAR files are created by the WinRAR compression utility, developed and sold by RarLab.

In an advisory released in December, Symantec listed 48 enterprise titles and 15 consumer products that used the flawed Library. On the consumer side, the 2006 versions of Norton Antivirus, Internet Security, System Works, and Personal Firewall are open to attack. Corporate titles such as Norton Antivirus for Microsoft Exchange, Bright Mail Antispam, and Antivirus for Handhelds are also on the list.

Only a few programs were not affected, including earlier editions of Symantec Antivirus Corporate Edition and Symantec Client Security.

The only protection for the time being was a special detection capability that Symantec is downloading to users' systems.

"Heuristic detection for potential exploits targeting this vulnerability is available from Live Update", Symantec said in an alert published to its Deep Sight Threat Management System customers. "This detection is available to all desktop, server, and gateway product versions of Symantec's security products and appliances that contain the vulnerability".

The company is working on patches for the affected products, but hasn't given a timeline for completing the fixes. In the meantime, it urged all users to run Live Update to download the heuristic detection.

Symantec also downplayed the threat, stating in the advisory that "till date, Symantec has not had any reports of related exploits of this vulnerability".

Source: BonusGambler.com Editors' Choice

 

© 2006 BonusGambler.com
Search Amazon, Ebay and Paid Listings
Valid XHTML Valid CSS