Patch/Configuration Management, Vulnerability Management

Symantec fixes Norton chat hole

Symantec has fixed a vulnerability in its Norton security products allowing hackers to type in a simple code word to knock users out of online chat rooms.

The vulnerability, posted by a blogger nicknamed HM2K, lets "script kiddies" – inexperienced hackers who use scripts to launch attacks - kick Norton Internet Security and Personal Firewall users out of internet relay chat (IRC) networks.

The exploit, which forced users to immediately quit without warning, is used for annoyance, not financial gain. Since the posting, many pranksters took advantage of the vulnerability, according to the blog.

"When you type 'startkeylogger' in a populated IRC channel, you will notice that many of the clients in the channel quit, with the quit message: 'Read error: Connection reset by peer,'" the blogger said. "Fun! Fun! Fun!"

"Symantec identified reports on the internet about the usage of certain control commands associated with malware when used within a populated IRC channel," a company spokesman said. "Based on how a user has defined his detection settings for Norton Internet Security, Norton Personal Firewall and Symantec Client Firewall, these products may detect these malware control command as potentially malicious activity and block communication."

"While this approach allows for greater accuracy, it is very stringent," the spokesman added. "In the above instance, these malicious control commands can temporarily disconnect the IRC channel as a precaution. This scenario appears to have impacted a very small number of customers."

According to responses made to the blogger's original post, several chat forums now are filtering the code word so it will not cause users to quit.

In an unrelated Symantec issue, the anti-virus giant announced Thursday it has teamed up with Adobe to offer customers a complimentary trial and special pricing when they download the latest version of Adobe Reader.

"Adobe's trusted PDF document format and Symantec's strong track record of security and protection remove barriers to consumers getting the most out of using the internet," said Kurt Garbe, vice president of Platform, Adobe Systems.


Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.