14 DAY TRIAL // Symantec Norton Firewall is once again vulnerable to attacks after a highly critical flaw was discovered in the security solution. According to a security advisory released by Symantec, the impacted products are Norton Interne Security 2004 and Norton Personal Firewall 2004, both of them being affected by the same flaw. Symantec rated the vulnerability with a medium risk impact sustaining that the only solution is to update the two products through the LiveUpdate function.
"CERT notified Symantec that a buffer overflow exists in an ActiveX Control used by Norton Personal Firewall. The error occurs in the Get() and Set() functions used by ISAlertDataCOM, which is part of ISLALERT.DLL. A successful exploit of this vulnerability could potentially allow the remote execution of code on a vulnerable system, with the rights of the logged-in user," Symantec sustained in the advisory.
It seems that a successful exploitation of the vulnerability can be conducted only through a malicious HTML file that contains dangerous codes. Most of the attacks made using this method are often conducted with the help of email messages that include malicious link to the modified HTML file. "Symantec recommends any affected customers update their product immediately to protect against potential attempts to exploit this vulnerability," the company added in the advisory.
At this time, there is no 100 percent safe solution to protect our computer because even the products that are especially designed to defend the systems are vulnerable to attacks. However, most of the exploitations are requiring the users' approval so, if you want to avoid dangerous intruders, you should avoid clicking and opening malicious or unknown files. Symantec is one of the most famous security companies on the Internet so, even if this firm is affected by vulnerabilities, it's obvious that our computers are opened to attacks started by dangerous Internet users.