A flaw affecting many Symantec security products - both consumer and enterprise - has been discovered. Users of Symantec's Norton Internet Security 2005, Norton AntiVirus 2005, Norton Antivirus for Macs, corporate anti-virus apps and Brightmail anti-spam software (among others) all need to apply patches following the discovery of the "critical" security bug. In all 40 packages are affected.

The vulnerability stems from a flaw in an library component (called Dec2Rar.dll) involving the processing of RAR archives. This vulnerability can be exploited as a means to inject hostile code onto vulnerable systems when a malicious RAR file is scanned. The flaw affects Dec2Rar.dll version 3.2.14.3 and potentially hits all Symantec products that use the library file, hence the large number of affected packages.

Users are advised to update their software, as explained in Symantec's advisory here. The glitch was discovered by security researcher Alex Wheeler, who's discovered many similar patches in anti-virus packages over recent months, most of which involve the processing of various types of archive file. His advisory can be found here. ®

Related stories

• Symantec security products less than secure (9 August 2007)
• Faulty CA update crashes Win 2003 servers (6 September 2006)
• 'Keylogger text' spooks Symantec (3 March 2006)
• Microsoft details Windows anti-virus pricing (8 February 2006)
• Kaspersky in heap-based buffer overflow vuln (4 October 2005)
• Sophos bug highlights wider anti-virus flaws (29 July 2005)
• Security products 'riddled' with bugs (20 June 2005)
• Anti-virus vulnerabilities strike again (18 March 2005)