[ISN] Symantec creates havoc with unsigned Norton patch

From: InfoSec News <alerts_at_private>
Date: Wed, 11 Mar 2009 01:07:41 -0600 (CST)
http://news.cnet.com/8301-1009_3-10192899-83.html

By Elinor Mills
Security
News.com
March 10, 2009

Symantec released a diagnostic patch for some of its older Norton 
products on Monday night that did not identify its origin and thus 
triggered alerts on user firewalls, the company said Tuesday.

The patch for 2006 and 2007 versions of Norton Internet Security and 
Norton Antivirus, a program dubbed "PFST.exe" (Product Information 
Framework Trouble Shooter), was distributed to collect anonymous 
statistics on matters such as how many computers are using the products 
and what operating system they are running, Jeff Kyle, group product 
manager for Symantec consumer products, said Tuesday.

Because it was unsigned--a result of human error--firewalls started 
prompting users with messages asking them if they trust the patch, Kyle 
said. Of course, because the patch had no signature indicating it was 
from Symantec, users didn't know whether to trust it and many of them 
went to the Norton user forum for answers.

The company pulled the patch after three hours and then unwittingly laid 
the groundwork for conspiracy theorists after it started deleting forum 
posts related to the matter. The company was not censoring the posts, 
but fighting off a spam attack, according to Kyle.

[...]


Received on Wed Mar 11 2009 - 00:07:41 PDT
