[Full-Disclosure] Nortons Liveupdate - problem?

From: Gregh (chows_at_ozemail.com.au)
Date: 01/19/04

Next message: Joshua Levitsky: "Re: [Full-Disclosure] Nortons Liveupdate - problem?"

Previous message: EnGarde Secure Linux: "[Full-Disclosure] [ESA-20040119-002] 'tcpdump' multiple vulnerabilities."
Next in thread: Joshua Levitsky: "Re: [Full-Disclosure] Nortons Liveupdate - problem?"
Reply: Joshua Levitsky: "Re: [Full-Disclosure] Nortons Liveupdate - problem?"
Maybe reply: Kevin Brunson: "Re: [Full-Disclosure] Nortons Liveupdate - problem?"
Maybe reply: K_aneda: "Re: [Full-Disclosure] Nortons Liveupdate - problem?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Disclosure Full" <full-disclosure@lists.netsys.com>
Date: Tue, 20 Jan 2004 07:33:46 +1100

A lot of your customers may have your Nortons AV prog (I don't mean other
Nortons products, just the anti virus scanner though this may apply to their
other products, too) set to auto update when on Internet without
interrupting the user which IS a good idea normally. However, a few weeks
ago due to a stupid error on the part of a company Nortons uses, your AV
prog couldn't find their update site for the day. It didn't last long and
should have ended there.

Unfortunately, I have become aware, while fixing problems for people who use
Nortons, that their Nortons (2000, 2002 and 2004 versions) hadn't updated
for the last two weeks. So, I manually MADE it update and it did so just
fine. This isn't normal. Nortons usually auto updates fine and on each
machine where I have noted this (5 so far, all Nortons, all the same drop
off time), they have been without updates since that date and thus open to
newer stuff. Bagle should start hitting hard today and if what I fear is
correct, none of your Nortons users will be protected UNLESS you get them to
open their Nortons and run your LiveUpdate manually. 5 out of 5 machines all
stopped updating at the same period seems strange to me. There were 2 in one
user group, 2 in another company and one friend who I do work for on his
personal machine. These were 3 different sites in other words.

So, do yourselves a favour. I may be wrong but if I am not wrong, your users
are not protected. They MAY be protected automatically after manually
updating but I am not even 100% sure of that right now. Run Liveupdate
manually NOW and be sure!

Greg.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: Joshua Levitsky: "Re: [Full-Disclosure] Nortons Liveupdate - problem?"

Previous message: EnGarde Secure Linux: "[Full-Disclosure] [ESA-20040119-002] 'tcpdump' multiple vulnerabilities."
Next in thread: Joshua Levitsky: "Re: [Full-Disclosure] Nortons Liveupdate - problem?"
Reply: Joshua Levitsky: "Re: [Full-Disclosure] Nortons Liveupdate - problem?"
Maybe reply: Kevin Brunson: "Re: [Full-Disclosure] Nortons Liveupdate - problem?"
Maybe reply: K_aneda: "Re: [Full-Disclosure] Nortons Liveupdate - problem?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]