Friday, March 1, 2024

Bugs Found in Symantec Firewalls

Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Symantec Corp., one of the major security companies, announced four vulnerabilities in its client-based firewall products today.

The problems, which were reported to Symantec by eEye Digital Security, a network security vendor, affect Windows systems. Symantec reports that by properly exploiting these issues, an attacker could render the targeted system inoperable or execute remote code with kernel-level privileges on the targeted system.

All issues occur within routines in the SYMDNS.SYS component, according to a statement posted on the Symantec site.

Products affected include Symantec Client Firewall versions 5.0.0 through 5.1.1; Symantec Client Security 1.0.0, 1.1.0 and 2.0.0; Norton AntiSpam 2004; Norton Internet Security 2002 through 2004; and Norton Internet Security Professional Edition 2002 through 2004.

Symantec confirmed the vulnerabilities exist in the consumer and corporate Symantec Client Firewall applications, as well as in Symantec’s Norton AntiSpam 2004 application. Symantec product engineers have developed fixes for the issues and released patches for all impacted products through Symantec LiveUpdate and technical support channels.

Clients running consumer versions of the affected products who regularly run a manual Symantec LiveUpdate should already be protected against this issue. However, to be sure they are fully protected, customers should manually run Symantec LiveUpdate to ensure all available updates are installed.

Clients running the corporate versions of Symantec Client Firewall or Symantec Client Security should download and apply patches obtained through their appropriate support channels.

Symantec analysts say they are not aware of any active attempts to exploit the vulnerabilities.

Subscribe to Data Insider

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more.

Similar articles

Get the Free Newsletter!

Subscribe to Data Insider for top news, trends & analysis

Latest Articles