Smokey's Security Weblog

veritas odium parit

After applying the Norton Internet Security/Norton AntiVirus 18.5 patch, the Norton product may lock up or cause the system to become unstable

Official Symantec/Norton statement regarding Norton Internet Security 2011 and Norton AntiVirus 2011 v18.5.0.125

12-11-2010

There have been several reports on the forums where after applying the Norton Internet Security/Norton AntiVirus 18.5 patch (is version 18.5.0.125), the Norton product may lock up or cause the system to become unstable.

While this issue only seems to affect a small number of installations, we’re still taking this issue seriously and are quickly researching the cause of this problem.

We will be halting the throttled LiveUpdate release of 18.5 for the time being while we investigate these issues.

If you are experiencing this issue and would like to assist us in gathering information (debug logs and process dumps) for this issue, please post a response in THIS THREAD. The more logs and dumps we get, the more information we have that will help us make the proper corrections.

If you are having these issues and need to revert your system back to 18.1 (is version 18.1.0.37), simply uninstall 18.5 using Control Panel (or Uninstall from the Norton Product Program Group), and reinstall 18.1 from the following locations:

  • Norton Internet Security 18.1 – http://www.norton.com/nis11
  • Norton AntiVirus 18.1 – http://www.norton.com/nav11
  • Norton Internet Security 18.1, Norton AntiVirus 18.1 and Norton Netbook Edition 18.1 in English, French, German and Dutch language (direct downloads from Symantec/Norton servers too) – http://smokeys.wordpress.com/2010/08/28/norton-internet-security-2011-and-norton-antivirus-2011-final-rtm-released/Some users are reporting troubles uninstalling. Try uninstalling from Safe Mode. If that fails, you can use the Norton Removal Tool.If you have 18.5, but are not experiencing any issues, it is advised that you remain on 18.5.
  • Update 12-29-2010

    Symantec Statement: “The issues that some users were experiencing where the Norton product would lock up after installing the 18.5 update was due to a definition that was applied after 18.5 was installed. Symantec have since corrected that definition and the issue will not occur.”

    Download Norton Internet Security 2011, Norton Antivirus 2011 and Norton Internet Security Netbook Edition 2011 v18.5.0.125 (patch 18.5, stable/official release) here: http://smokeys.wordpress.com/2010/12/29/norton-internet-security-2011-and-norton-antivirus-2011-v18-5-0-125-patch-18-5-released/

    December 12, 2010 Posted by | Advisories, Alerts, Anti-Virus, Downloads, Recommended External Security Related Links, Vulnerabilities | , , , , , , , , , , , , , , , , , , | 1 Comment

    Norton Internet Security 2011 and Norton Antivirus 2011 (Final RTM) released

    UPDATE Dec. 29, 2010: v18.5.0.125 (patch 18.5) Norton Internet Security 2011, Norton Antivirus 2011 and  Norton Internet Security Netbook Edition 2011 released; release info, fixes/improvements and downloads here:http://smokeys.wordpress.com/2010/12/29/norton-internet-security-2011-and-norton-antivirus-2011-v18-5-0-125-patch-18-5-released/

    UPDATE May 9, 2011: Norton Internet Security 2011, Norton Antivirus 2011 and Norton Internet Security Netbook Edition 2011 v18.6.0.29 (patch 18.6) released – ENGLISH ONLY

    UPDATE May 12, 2011: Norton 360 v5.1.0.29 (patch 5.1) released – ENGLISH ONLY

    -o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-o-

    Aug. 28, 2010

    Symantec offered today via their download servers Norton Internet Security 2011 and Norton Antivirus 2011 v18.1.0.37 Final RTM. Like I wrote before regarding NIS 2009, same positive words are (even more!) valid for today’s released Norton 2011 AV products: “without any hesitation I highly recommend Norton Internet Security 2011 to all people looking for a top-notch, reliable, easy to use all-in-one security suite.” Of course I also highly recommend NAV 2011: like NIS, great product for an acceptable price.

    I installed NIS 2011 on top of my NIS 2010 , the upgrade was no problem, all previous 2010 settings remained unaltered after the upgrade. The upgrade was accomplished within 1 minute, reboot was required.

    Full version / Upgrade / Trial download links NIS/NAV 2011 Final RTM 18.1.0.37 versions

    - Norton Antivirus 2011 English version: http://buy-download.norton.com/downloads/CLT/NAV/US/2011/18.1/ESD/NAV-TW-30-18-1-0-37-EN.exe

    - Norton Internet Security 2011 English version: http://buy-download.norton.com/downloads/CLT/NIS/US/2011/18.1/ESD/NIS-TW-30-18-1-0-37-EN.exe

    - o – o – o – o – o – o – o – o -o -

    - Norton Antivirus 2011 French version: http://buy-download.norton.com/downloads/CLT/NAV/FR/2011/18.1/ESD/NAV-TW-30-18-1-0-37-FR.exe

    - Norton Internet Security 2011 French version: http://buy-download.norton.com/downloads/CLT/NIS/FR/2011/18.1/ESD/NIS-TW-30-18-1-0-37-FR.exe

    - o – o – o – o – o – o – o – o -o -

    - Norton Antivirus 2011 German version: http://buy-download.norton.com/downloads/CLT/NAV/GE/2011/18.1/ESD/NAV-TW-30-18-1-0-37-GE.exe

    - Norton Internet Security 2011 German version: http://buy-download.norton.com/downloads/CLT/NIS/GE/2011/18.1/ESD/NIS-TW-30-18-1-0-37-GE.exe

    - o – o – o – o – o – o – o – o -o -

    - Norton Antivirus 2011 Dutch version: http://buy-download.norton.com/downloads/CLT/NAV/NL/2011/18.1/ESD/NAV-TW-30-18-1-0-37-NL.exe

    - Norton Internet Security 2011 Dutch version: http://buy-download.norton.com/downloads/CLT/NIS/NL/2011/18.1/ESD/NIS-TW-30-18-1-0-37-NL.exe

    - o – o – o – o – o – o – o – o -o -

    Full version / Upgrade / Trial download links Norton Internet Security Netbook Edition 2011 Final RTM 18.1.0.37, English and German versions

    - Norton Internet Security Netbook Edition 2011 English version: http://buy-download.norton.com/downloads/CLT/NISNE/US/2011/18.1/ESD/NIS-NETBOOK-ESD-18-1-0-37-EN.exe

    - Norton Internet Security Netbook Edition 2011 German version: http://buy-download.norton.com/downloads/CLT/NISNE/GE/2011/18.1/ESD/NIS-NETBOOK-ESD-18-1-0-37-GE.exe

    - o – o – o – o – o – o – o – o -o -

    Reviews, tests and awards NIS 2011 and NAV 2011

    - PCMag review Norton AntiVirus 2011: http://www.pcmag.com/article2/0,2817,2368764,00.asp
    – PCMag review Norton Internet Security 2011: http://www.pcmag.com/article2/0,2817,2368876,00.asp
    – CNet review Norton AntiVirus 2011: http://download.cnet.com/Norton-AntiVirus-2011/3000-2239_4-10592477.html
    – CNet review Norton Internet Security 2011: http://download.cnet.com/Norton-Internet-Security-2011/3000-18510_4-10592551.html
    – AV-Comparatives Award Best Anti-Virus Product of 2009: Symantec/Norton
    – PCWorld/AV-Test.org review Norton Internet Security 2011: http://www.pcworld.com/article/id,214625/article.html
    – Chip Online review Norton Internet Security 2011 (German language): http://www.chip.de/downloads/Norton-Internet-Security-2011_16463672.html

    August 28, 2010 Posted by | Advisories, Alerts, Anti-Spyware, Anti-Virus, Downloads, Malware, Phishing, Recommended External Security Related Links, Toolbarware, Vulnerabilities | , , , , , , , , , , , , , , , , , , , , , , , , , | 1 Comment

    AV-Comparatives Review IT Security Suites for Corporate Users, 2009

    Review: IT Security Suites for Corporate Users, 2009
    Test institution: AV-Comparatives
    Last revision date: 2009-27-05

    Following vendors participated in the review and tests:

    Avira, Eset, G-Data, Kaspersky, Sophos, Symantec, TrustPoint.

    AV-Comparatives / Reviews Main Page: http://www.av-comparatives.org/comparativesreviews >> click submenu Corporate Reviews *

    * For copyright reasons, no direct clickable destination link provided

    May 28, 2009 Posted by | Advisories, Anti-Spyware, Anti-Virus, Friends, Malware, Phishing, Recommended External Security Related Links | , , , , , , , , , , , , | Leave a comment

    Symantec: Increase in USB-Based Malware Attacks

    Symantec is currently observing an increase in malicious applications that use USB flash drive devices as a propagation method.

    At the moment, there are two popular methods that malicious applications use to infect USB flash drives:

    Simple file copy method

    With this method, a malicious application that is installed on an infected computer simply makes copies of itself to all storage devices that are attached to the infected computer. A copy of the malicious code will be placed on network shares, local drives, and removable media (such as USB flash drives) that are connected to the computer. Usually the malicious application will also attempt to copy itself to peer-to-peer (P2P) file-sharing shared folders as well.

    AutoRun.inf modification method

    With this infection method, the malicious application modifies or creates an autorun.inf file on all of the network shares, local drives, and removable media (including USB flash drives) that are connected to the computer. When an infected USB flash drive is inserted into another computer, the copy of the malicious application is automatically executed. Under a default configuration of Windows, this infection method does not require any interaction from the victim other than physically attaching the media to the computer.

    How to mitigate this threat

    There are many policy- and configuration-based mitigations that can be used to adequately limit the propagation of these threats. Network administrators are advised to:

    • Ensure that antivirus software is configured to scan all removable media when it is connected to a computer.
    Disable AutoRun functionality for removable media, which should be possible using endpoint security systems. For personal computers, there are many detailed tutorials on how to disable AutoRun. Also, holding down the SHIFT key while inserting a USB flash drive can temporarily disable AutoRun.
    • If removable drives are not required, endpoint security systems can distribute policies to prevent removable media from being recognized.
    • User education should be a priority to educate network users about these threats.

    Source/full report: Symantec Security Intel Analysis Team

    This alert is a summary of the Symantec alert, I advice you to read the full report.
    Smokey

    November 20, 2008 Posted by | Advisories, Alerts, Friends, Malware, Recommended External Security Related Links, Vulnerabilities | , , , , , , , , , , , , , , | Leave a comment

    Review Norton Internet Security 2009

    First I have to warn the “Almighty Clan of Norton Bashers and Haters”: don’t read this post. It will deliver you a bad headache… Beacuse: past week I have tested Norton Internet Security 2009, and it confirmed the enthusiastic conclusion of other tests: a top-notch security suite, best of the best. IMHO The Absolute #1 among security suites. Period.

    Apparently Symantec/Norton have learned from the mistakes made in the past, have listen serious to their customers, subsequent revamped their 2009 suite and the result is sensational: to other vendors of security suites it will be a stiff task to beat NIS 2009.

    To me, the only disappointing part of NIS 2009 is the Antispam module, but please keep in mind the pros of the suite are in the majority: Antivirus, Firewall, Antispyware and minimal performance impact. And also keep in mind that most security suites have a weak, unsatisfying Antispam module.

    Without any hesitation i highly recommend Norton Internet Security 2009 to all people looking for a top-notch, reliable, easy to use all-in-one security suite.

    Below I provide you with an comprehensive test/review, performed by PCMag. That review, same is valid for other NIS 2009 reviews, confirm my own positive experiences and impressions.

    PCMag Review Norton Internet Security 2009

    Editors’ Choice

    Bottom Line

    This is definitely the slimmest, most unobtrusive Norton ever. Its protection is top-notch where it counts, though antispam and parental controls are still weak. As the best all-around security suite yet, it’s our new Editors’ Choice.

    Pros

    Minimal performance impact*. Extremely effective spyware and virus protection. High-powered, comprehensive firewall. Free, proactive support. Phishing protection. Automated log-in, form-fill. Network map with remote configuration.

    Cons

    Antispam misses too much, blocks too many valid messages. Rudimentary parental controls. Network map allows no remote correction of reported problems.

    Full review: PCMag
    30 Day Uncrippled Trial NIS 2009: Norton Store

    *Confirmed by AV-Comparatives Performance Test Report: “Impact of Anti-Virus software on System Performance”, dated 2008-11-18. You can find the report at the bottom of the COMPARATIVES section of av-comparatives.org.

    Norton Internet Security 2009 System Requirements**

    Microsoft Windows Vista Home Basic/Home Premium/Business/Ultimate***

    Microsoft Windows XP with Service Pack 2 Home/XP Pro/XP Media Center Edition300 MHz or faster processor

    - 256 MB of RAM (*512 MB RAM required for the Recovery Tool)
    – 200 MB of available hard disk space
    – Standard Web browser

    Email scanning supported for POP3- and SMTP-compatible email clients.

    Support for AntiSpam feature

    - Microsoft Outlook 97 or later
    – Microsoft Outlook Express 6.0 or later

    Supported instant messaging clients

    - AOL
    – Yahoo!
    – Microsoft
    – Trillian

    Browser support for Browser Defense and Phishing Protection features

    - Microsoft Internet Explorer 6.0 (32-bit only) and later
    – Mozilla Firefox 2.0 and later

    **Must meet minimum Windows Vista operating system requirements.

    ***Source: Symantec.com

    November 2, 2008 Posted by | Advisories, Downloads, Friends, Malware, Recommended External Security Related Links | , , , , , , , , , , , , | 2 Comments

    Symantec confirms ActiveX bugs in its own consumer software

    Symantec Corp. has confirmed flaws in its most popular consumer security software that could give attackers the means to hijack the Windows PCs that the programs are supposed to protect.

    The vulnerabilities are in an ActiveX control that ships with several products, including Norton AntiVirus, Norton Internet Security, Norton SystemWorks and Norton 360.

    According to alerts released Wednesday by VeriSign Inc.’s iDefense, the ActiveX control SymAData.dll sports two vulnerabilities that could be used “to execute arbitrary code with the privileges of the currently logged in user” by attackers able to entice victims to malicious Web sites.

    Symantec confirmed the vulnerabilities Wednesday in its own advisory, and said the buggy control has shipped with Windows versions of Norton AntiVirus 2006-2008, Norton Internet Security 2006-2008, Norton SystemWorks 2006-2008 and Norton 360 Version 1.0.

    While it acknowledged the bugs, Symantec also downplayed the threat, saying that attacks would succeed only from specially crafted sites. “To successfully exploit either vulnerability, an attacker would need to be able to masquerade as the trusted Symantec Web site, such as through a cross-site scripting attack or DNS poisoning,” read the company’s advisory.

    However, cross-site scripting attacks have become common, and although DNS “poisoning” — fooling a DNS server into thinking the bogus routing directions it’s received are authentic — is less common, it’s not unheard of.

    The flawed ActiveX control is used by Symantec’s AutoFix tool, which is included with some of the company’s software and may also be downloaded to a PC during a live chat with a Symantec technical support representative. AutoFix diagnoses PC problems and offers solutions.

    Source: CW Security

    April 5, 2008 Posted by | Alerts, Friends, Recommended External Security Related Links, Vulnerabilities | , , , , , , , , | 1 Comment

       

    Follow

    Get every new post delivered to your Inbox.