All the latest UK technology news, reviews and analysis
|
|
|
29 Aug 2005
Symantec has issued a patch for a security hole in its Corporate Edition 9.0 and Client Security 2.0 products.
The flaw was first reported by iDefense Labs and could allow a user to gain privileged access to files and functionalities on a local system through the software's help function.
The help software uses the same HTML format as for web pages. But the functionality is granted privileged access even if the user has only restricted rights.
By manipulating the user interface, a user could use those rights to browse all system files or execute applications.
Because the flaw cannot be exploited remotely, Symantec ranked its risk as 'medium'.
Licensed users of the affected products are advised to download the latest patch through the support website or update service.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Position: Infrastructure Technical Lead Experience...
Channel Manager / Sales Manager /Software solutions...
BUSINESS SALES / IT SALES / BUSINESS CONSULTANT / LONDON...
TECHNICAL SALES / ACCOUNT EXECUTIVE / SOFTWARE SALES...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?