Vulnerability in Symantec LiveUpdate

Symantec has issued an alert that a vulnerability in Symantec LiveUpdate can be exploited by malicious users to gain privileges on a vulnerable system.

"If the system is configured as a multi-user system with privileged and non-privileged user access, a non-privileged user could potentially access and manipulate the Symantec Automatic LiveUpdate GUI functionality to gain privileged system access.

Affected products:
Symantec Windows LiveUpdate 1.70.x through 1.90.x
Symantec Norton SystemWorks 2001-2004
Symantec Norton AntiVirus and Norton AntiVirus Pro 2001-2004
Symantec Norton Internet Security and Norton Internet Security Pro 2001-2004
Symantec AntiVirus for Handhelds v3.0

Read the bulletin at http://www.sarc.com/avcenter/security/Content/2004.01.12.html

Join the newsletter!

Or
Error: Please check your email address.

More about Symantec

Show Comments