Norton Antivirus sticks to

Symantec released an update on August 8 to block a "deadly" flaw in a range of its security software products.

Information from the security firm said hackers could take full advantage of the security flaw to gain the right to run malicious software on the system.

The profound source of the security flaw is an error arising in two ActiveX Control integrated in Symantec's product. Accordingly, this error caused Symantec's software to lose the ability to control the source of input data, which could be mistakenly allowed to run malicious code.

Security firm Secunia classified the security error in Symantec software into 'extremely dangerous' level.

Symantec confirmed the 2006 version of Norton AntiVirus, Norton Internet Security, Norton System Works, Norton Internet Security 2006, and Anti Spyware Edition all made the same mistake. The two versions of AntiVirus Corporate Edition and Symantec Client Security are unharmed.

Johannes Ullrich - SANS Institue researcher - said the programming error of ActiveX Control is a common error but also extremely dangerous. It is not clear whether any kind of malicious code that has the ability to attack Symantec software errors has yet to appear because it is a very widely used product.

' I rate this as a dangerous security bug because anyone who uses Notorn Antivirus software can be attacked if they access any malicious website that has the exploit code .'

Users of Symantec products are advised to quickly use the built-in LiveUpdate feature to download and install patches as soon as possible.

Hoang Dung