Vulnerability in Symantec LiveUpdate

Symantec has issued an alert that a vulnerability in Symantec LiveUpdate can be exploited by malicious users to gain privileges on a vulnerable system.

"If the system is configured as a multi-user system with privileged and non-privileged user access, a non-privileged user could potentially access and manipulate the Symantec Automatic LiveUpdate GUI functionality to gain privileged system access.

Affected products:
Symantec Windows LiveUpdate 1.70.x through 1.90.x
Symantec Norton SystemWorks 2001-2004
Symantec Norton AntiVirus and Norton AntiVirus Pro 2001-2004
Symantec Norton Internet Security and Norton Internet Security Pro 2001-2004
Symantec AntiVirus for Handhelds v3.0

Read the bulletin at http://www.sarc.com/avcenter/security/Content/2004.01.12.html

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about Symantec

Show Comments