Press Release

Symantec's Response to Vulnerability in Microsoft Agent ActiveX Control

Singapore – Sept. 13, 2007 – Today Microsoft issued information on four new security bulletins, one of which is critical.  The following summary provides Symantec’s evaluation of the critical issue.

Vulnerability in Microsoft Agent ActiveX control
Symantec Security Response rates the remote code execution vulnerability in Microsoft Agent ActiveX as critical since ActiveX controls run on a significant number of systems.  Consumers and enterprise users using Microsoft Windows 2000 are susceptible to exploits if they visit a malicious Web page.  A successful exploit could allow an attacker to install malicious code of his/her choice and potentially allow the attacker to gain complete control of the affected system. 

“Symantec has observed a significant increase in ActiveX vulnerabilities this year,” said Ben Greenbaum, senior research manager, Symantec Security Response. “Attackers are targeting trusted Web brands, such as social networking sites, and then waiting for their victims to come to them so they can exploit the vulnerability and gain access to the individual’s computer. Due to the availability of public proof-of-concept code, we also think the MSN Messenger and Windows Live Messenger vulnerability is a high urgency issue.”

Symantec recommends the following actions for IT administrators in response to all of the Microsoft security bulletins:

  • Evaluate the possible impact of these vulnerabilities on critical systems.
  • Plan for required responses including patch deployment and implementation of security best practices using the appropriate security and availability solutions.
  • Take proactive steps to protect the integrity of networks and information.
  • Verify that appropriate data backup processes and safeguards are in place and effective.
  • Remind users to exercise caution in opening all unknown or unexpected e-mail attachments and in following Web links from unknown or unverified sources.

Symantec recommends the following actions for consumers:

  • Regularly run Windows Update and install the latest security patches to keep software up to date.
  • Avoid opening unknown or unexpected e-mail attachments or following Web links from unknown or unverified sources.
  • Use an Internet security solution such as Norton Internet Security 2008 or Norton 360 to protect against today's known threats and tomorrow's Internet security risks.

Additional information will be available on Symantec’s Security Response Blog shortly at: http://www.symantec.com/enterprise/security_response/weblog/

Additional information on Microsoft’s security bulletins can be found at: http://www.microsoft.com/technet/security/bulletin/ms07-sep.mspx

Symantec’s security experts will closely monitor these vulnerabilities and will provide updates and security content as necessary.  Please let me know if you have any questions or if you are interested in speaking with a Symantec expert about any of the Microsoft security bulletins.

About Symantec
Symantec is a global leader in infrastructure software, enabling businesses and consumers to have confidence in a connected world. The company helps customers protect their infrastructure, information and interactions by delivering software and services that address risks to security, availability, compliance and performance. Headquartered in Cupertino, Calif., Symantec has operations in 40 countries. More information is available at www.symantec.com.

NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.

Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
