Security software insecure

ONLINE SECURITY firm Symantec said some of it anti-virus software has holes in it.

The company admitted its Norton Antivirus, Norton Internet Security and Norton System Works, 2004 and 2005 editions, were so flawed hackers could quite easily sneak in and knobble computers running the software.

Japan's Information-Technology Promotion Agency told Symantec about one situation with both Windows versions of Norton AntiVirus 2004 and 2005, where a real-time scan of a specific file type can cause the Blue Screen of Death to appear.

The programs' Auto-Protect and SmartScan features were found to be faulty and susceptible to Denial of Service attacks.

Red-faced company engineers released patches for the holes and distributed updates to users of its LiveUpdate automatic update service.

Symantec said it assessed the Risk Impact of the discoveries as low. Here's Symantec's security response. µ