April Bug of the Month

Author: Bruce KratofilPublished: Apr 02, 2005 at 9:25 am 0 comments

The Bug of the Month for April 2005 was posted as the Bug of the Day on March 29

There is a potential denial of service attack that can be launched against most Symantec Norton AntiVirus (NAV) products, including Norton AntiVirus 2004, Norton Internet Security 2004 (Professional), Norton System Works 2004 (Professional), Norton AntiVirus 2005, Norton Internet Security 2005, and Norton System Works 2005 (Premier). Researchers at the Information-Technology Promotion Agency-Japan, IPA, found that if files are modified in a certain way, the NAV products may crash with a Blue Screen of Death when they are scanned with the Norton Smart Scan feature. Symantec has patched all their products, and the fixes are available via LiveUpdate. See the details at http://securityresponse.symantec.com/avcenter/security/Content/2005.03.28.html.

Why this one? Symantec is one of the leading, if not the leading, security software vendors, and Norton AntiVirus has a large market share. Thus, this bug could affect lots of people. (A bug that affected Adobe products installed on a RAID disk was under consideration. It was probably a more interesting bug, but how many people have RAID disks?) Plus it strikes at one of the key pieces of a computer's defense, the antivirus product. The nice thing about this bug is that most people who use NAV use Symantec's Live Update technology, so they will automatically get the fix.

About the Bug of the Month
Beginning in January 2005, the BugBlog has picked its Bug of the Month, representing the most significant bug found in the past month. Sometimes, the bug will be the one which could potentially cause the most damage; sometimes it will be the bug which affects the most users. And sometimes, it will be the bug that is just the most interesting bug. This bug will be selected either from the free Bug of the Day, or from the subscription-only BugBlog Plus.
Past Bugs of the Month:
March 2005: IDN Spoofing Bug
February 2005: Windows Animated Cursor Bug
January 2005: Windows Firewall Problems with Dial-up connections

Article tags

Spread the word
Bookmark and Share
Profile image for Bruce Kratofil

Article Author: Bruce Kratofil

Bruce Kratofil blogs on bugs and other things that can go wrong with your computer at The BugBlog, and writes about computers and economics at BJK Research

Visit Bruce Kratofil's author pageBruce Kratofil's Blog

Read comments on this article, and add some feedback of your own

Article comments

Add your comment, speak your mind

Personal attacks are NOT allowed.
Please read our comment policy.

blogcritics lists for Jul 09, 2009

fresh articles Most recent articles site-wide

fresh comments Most recent comments site-wide

most comments Most comments in 24hrs

top writers Most prolific Blogcritics for June

top commenters Most prolific Commenters in 24 hrs

Sci/Tech Highlights