[outdated news] Hackers can turn off Norton AntiVirus protection

[Terry Ganzi]

Summary: Norton AntiVirus, one of Symantec's most popular Internet security products, contains a security flaw that could allow malicious users to easily disable the software's auto-protect feature, according to an advisory by security Web site Secunia.According to Secunia, the software's auto-protect function, which is designed to recognise and halt suspicious behaviour in real-time, contains an error that could allow a malicious user to disable it altogether.


Norton AntiVirus, one of Symantec's most popular Internet security products, contains a security flaw that could allow malicious users to easily disable the software's auto-protect feature, according to an advisory by security Web site Secunia.
According to Secunia, the software's auto-protect function, which is designed to recognise and halt suspicious behaviour in real-time, contains an error that could allow a malicious user to disable it altogether.

"This can be exploited by an unprivileged user to force the auto-protection to be disabled... It can further be exploited to download and execute malicious files that normally would be caught by the antivirus program," the advisory warned.

Norton Internet Security 2004 is affected but Norton Internet Security 2004 Professional and Symantec Norton AntiVirus 2004 are also likely to be vulnerable.

Security researcher Daniel Milisic, who has been credited with discovering the problem, last week criticised Symantec's Norton AntiVirus on a security mailing list.

"Symantec should be publicly flogged for trying to sell this inferior AV software to home users, especially knowing they have a decently workable AV product in their Enterprise line... It's unbelievable that Symantec sells a product that operates this poorly," said Milisic.

ZDNet Australia contacted Symantec about the problem but the company refused to comment. A spokesperson told ZDNet Australia that the company would "know more in 24 hours".

 

[Terry Ganzi]

& if you think that's all read the replys.

• I swear this has been happening for quite some time and not just with NAV! It happened to 2 clients of mine around 6 months ago.
  There are plenty of viruses and adware junk that seem to be able to do this with ease.
  That the incompetents at Symantec have only just figured this out is astounding. NAV is usless bloatware, but just like Telstra, they retain their market share by preying on the ignorance of the general public, who go with whatever company spends the most on advertising.
  
  The free anti-virus scanner AVG (www.grisoft.com) consistently provides better protection than NAV and it won't cost the user a single red cent.
  
  
  
  anonymous
  
  
• This is also a problem with their Enterprise or Corporate version 9.0.0.1400 product. Auto-enable is disabled if fast-user switching is enabled on an XP machine.
  
  
  
  anonymous
  
  
  
• The major reason I switched from Norton to Kaspersky is because Norton does not find nearly as many viruses on my system as Kaspersky found. Funny how these industry leaders get greedy fast and stop making a quality product at the expense of their consumers' pocketbook. As an IT consultant I have a fairly good idea about how this company's dynamic works. They often package their products with computer systems, such as Dell with time-limited trials. Once the trial period ends, it seems the consumer is lulled into a false sense of security and purchase a license extension on a product that claims to protect their system. In actuallity it is letting viruses through and leading the consumer to believe that because they perform regular virus scans that report back that the system is clean, when it isn't.
  
  
  
  anonymous
  
  
  
• My auto-protect has been disabled in my Norton Antivirus. It took nearly an hour to find out what to do about it and now I can't do the fix. I cannot uninstall and then reinstall the program because I downloaded it on the internet.
  And, I find no way to directly or indirectly contact Norton to take care of the problem. What an A-- hole company. They have plenty of avenues to buy their crap but not to fix it.
  
  
  
  anonymous
  
  
• My auto-protect has been disabled in my Norton Antivirus. It took nearly an hour to find out what to do about it and now I can't do the fix. I cannot uninstall and then reinstall the program because I downloaded it on the internet.
  And, I find no way to directly or indirectly contact Norton to take care of the problem. What a company. They have plenty of avenues to buy their crap but not to fix it.
  
  
  
  anonymous
  
  
• As an user of NAV 2004, I would like to know what action has been taken to rectify the flaws by Symantec. If not corrected so far, I would change to
  Mcaffee software .
  
  
  
  anonymous
  

 

[Oxygen]

Uhm.... I'm pretty sure they can turn off anything they want to................

 

[mmmory]

Bad news for Norton 2004 users, if they still exist..

 

[randj89]

Uhm.... I'm pretty sure they can turn off anything they want to................

True!

 

[wisd0m]

it happened to me while I was testing Norton Internet Security on a VM and when I uninstalled Norton I couldn't install any antivirus at all

 

[randj89]

it happened to me while I was testing Norton Internet Security on a VM and when I uninstalled Norton I couldn't install any antivirus at all

That's why I always use their own removal tools!

 

[Littlebits]

Bad news for Norton 2004 users, if they still exist..

This only applies to Norton 2004, if someone hasn't upgraded in 10 years what do they expect?
I'm shocked that Symantec still supports a 10 year old version.

Enjoy!!

 

[randj89]

This only applies to Norton 2004, if someone hasn't upgraded in 10 years what do they expect?
I'm shocked that Symantec still supports a 10 year old version.

Enjoy!!

LOL hahah I'm surprised too I can't believe they support that software yet.

 

[mmmory]

This only applies to Norton 2004, if someone hasn't upgraded in 10 years what do they expect?
I'm shocked that Symantec still supports a 10 year old version.

Enjoy!!

The article is from 2004 anyway, don't really know why he posted this...

 

[Littlebits]

The article is from 2004 anyway, don't really know why he posted this...

You are correct posted October 19, 2004, news from 10 years ago.
I didn't even notice this before.

Thanks.

 

[Koroke San]

 

[kjdemuth]

Maybe Terry got hacked by the Trojan.PostOldStories.infected.

 

[Oxygen]

Pointless thread because

"By Munir Kotadia | October 19, 2004 -- 02:56 GMT (19:56 PDT)"

 

[Terry Ganzi]

All forumers i'm duly sorry about this post & any damage it has or will put on the norton family,i was wrong to post it.

 

[Deleted member 178]

the post is outdated but still contains valuable infos

 

[randj89]

D

All forumers i'm duly sorry about this post & any damage it has or will put on the norton family,i was wrong to post it.

dont worry man. It happens and we are human we can get confused anytime.

 

[Cats-4_Owners-2]

Terry G, have no regrets while also being kind & forgiving to yourself. Alright? You'll notice how most everyone here understands, and notice that most responses read as very supportive toward what you shared which says more about how members hold you in respect far more than any interest in any not so current event!

 

[Terry Ganzi]

Thank you all for the support.

 

[Littlebits]

All forumers i'm duly sorry about this post & any damage it has or will put on the norton family,i was wrong to post it.

No problem it was a good test just to see how well we can read and also was a good laugh.

I think I read it three times before even noticed the date.

Enjoy!!