Symantec, McAfee, and Computer Associates, all the three security bigwigs, recently said to patch up flaws in their products. McAfee’s advisory explains tribulations, which were in fact fixed mutely in March, in a range of products comprising VirusScan and the company’s Internet Security Suite. Flawed ActiveX controls is expected to be exploited by nasty Web sites to sprint arbitrary code.
Symantec’s tribulations with an ActiveX control in Norton Internet Security 2006 is also expected to land to arbitrary code execution. They have also been patched up via updates that can be availed via LiveUpdate.
CA’s tribulations, in its CA Anti-Virus for the Enterprise, CA Threat Manager, and CA Anti-Spyware, are potentially hard to exploit. They need local access, means hackers will have to obtain a program on the user’s system and sprint it initially. They may possibly guide to lofty privileges. They have also been patched up by updates via usual channels.
