Symantec/Trendmicro updates suffers

Discussion in 'other anti-virus software' started by Paul Wilders, May 24, 2004.

Thread Status:
Not open for further replies.
  1. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    source: http://isc.sans.org

    regards.

    paul
     
  2. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    I just though i would report that my NAV2003 updated fine today. I never use the automatic update, and instead click the live update button (just the way i am used to doing it)

    I heard something vague but interesting about live update. Had you heard? Within the last week or so there was an update to Norton's "Redirector" after installing this, myself and other user's found a new process starting up automatically called "SNDMon.exe". At this point Norton users took on of two divergent paths:

    1 - Like me, just figure your antivirus is on your side and leave it alone

    2 - Panic, and take it out of the autostart of windows

    Now, come to think of it this is probably off topic, even more than usual for me (sorry) but what i heard was that without SNDMon.exe NAV and F products were open to remote program code execution. in other words, it is fairly important that you allow this feature to run.

    I wish i could be more definitive about this, please, anyone feel free to correct me if i got it wrong

    - HandsOff
     
  3. charlesvar

    charlesvar Guest

    The security hole problem is with the Symantec firewalls:
    http://www.internetnews.com/dev-news/print.php/3353841

    SNDMon.exe issue:
    http://computercops.biz/forum82.html Symantec NetDriver Monitor thread & NIS thread

    http://www.windowsbbs.com/showthread.php?t=30524 My experience with the issue

    Regards - Charles
     
  4. backfolder

    backfolder Registered Member

    Joined:
    May 25, 2004
    Posts:
    72
    Location:
    Spain
    Good to know!
    I think I´m gonna move to Kerio again. NIS2004 (only firewall) it´s very heavy in sys-res, worse if you add security holes to a firewall.
    Any suggestion before move to other FW is wellcome.

    backfolder.-
     
Loading...
Thread Status:
Not open for further replies.