Security Bytes: Strategic shift at Symantec leads to 80 layoffs

Article

Security Bytes: Strategic shift at Symantec leads to 80 layoffs

Strategic shift at Symantec leads to 80 layoffs
Cupertino, Calif.-based Symantec Corp. has decided to draw down its investment in network and gateway security appliances and let 80 of its 15,500 employees go as part of the strategic shift. Symantec informed its workforce of the changes late last week, according to published reports.

The company said it will stop making hardware for Symantec Gateway Security (SGS), Symantec Network Security (SNS) 7100, and the SGS Advanced Manager 3.0 products, though it will still develop the software used in these appliances. The company will now turn to partners to build the hardware.

Appliances currently in the market will continue to be sold and supported. The new strategy does not affect all appliances. Symantec Mail Security (SMS), Symantec Security Information Manager (SSIM) and Symantec Network Access Control Enforcer are among the products that won't be affected.

New flaws and exploits surface for Internet Explorer
Attackers could bypass security restrictions and launch malicious commands by exploiting two new flaws in Microsoft Internet Explorer (IE), vulnerability researcher Plebo Aesdi Nael said in an

    Requires Free Membership to View

    Login

    SearchSecurity.co.UK members gain immediate and unlimited access to breaking UK industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.co.UK today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.co.uk you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.co.uk is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

analysis published on the Full Disclosure message board hosted by Danish vulnerability clearinghouse Secunia.

In its advisory on the flaws, the French Security Incident Response Team (FrSIRT) described the vulnerabilities as:

  • An origin validation error when handling the "object.documentElement.outerHTML" property, which could be exploited by remote attackers to read content and data served from another domain in the context of a malicious Web page.
  • An error when browsing file shares, which attackers could exploit to trick a user into executing a malicious .hta file via a specially crafted Web page.

    FrSIRT noted that proof-of-concept exploits have been published.

    These new IE flaw reports come only days after Microsoft and Symantec warned of flaws and exploits targeting Microsoft's Remote Access Connection Manager (RASMAN), which was patched in the MS06-025 security bulletin June 13; and Windows Live Messenger, the instant messaging client formerly called MSN Messenger.

    Apple fixes Mac OS X flaws
    Apple Computer Inc. has released Mac OS X version 10.4.7 to address multiple security holes in the operating system.

    The update addresses the following problems:

  • An information disclosure vulnerability affecting the AFP server component. The problem occurs because search results can include the names of files and folders that an end-user should not be able to access. This may result in the disclosure of sensitive information if the file names themselves are of a sensitive nature.
  • A stack-based buffer overflow vulnerability affects ImageIO when viewing malformed .tiff images. An attacker could exploit this issue to control program execution flow; failed exploit attempts will likely result in a crash, effectively denying service to legitimate users.
  • A local format-string vulnerability affects the operating system's logging facility and may be exploited by attackers to execute arbitrary code with elevated privileges.
  • A denial-of-service vulnerability affects OpenLDAP. This issue can be exploited by remote attackers by asserting invalid requests. Successful exploits will cause the service to crash, effectively denying service.

    The flaws do not affect Mac OS X versions prior to 10.4.0

    New data security bill filed
    Sen. Bob Bennett, R-Utah, and Sen. Tom Carper, D-Del., have added to the growing list of data security measures now pending before Congress. The proposed Data Security Act of 2006 would create a national data protection and breach notification standard, Computerworld reported.

    "This bill would require all financial institutions, retailers and government agencies to maintain strong internal safety protections for the data they hold," Carper said in a statement. It would also require them to "quickly investigate" security breaches and to notify law enforcement, regulators and customers when there is a real risk of harm, he said.

    The proposed bill would expand the reach of current laws that require only financial institutions to protect the security and confidentiality of customer information, Bennett said in a separate statement.

    The Bennett-Carper legislation is modeled after the Gramm-Leach-Bliley Act and will require federal and state regulators to enforce compliance with the law and to make sure that data security procedures are uniformly applied, Computerworld noted.

    F-Secure patches flaw in its antivirus products
    Finnish antivirus firm F-Secure Corp. has addressed flaws that could allow attackers to push malware past the sensors of several antivirus products.

    "Antivirus products for Windows client and server systems fail to detect malware under certain circumstances," F-Secure said in an advisory. "Failures of this kind may lead to malware infections on protected systems."

    Linux, mobile and Windows-based gateway products are not affected by the vulnerability, F-Secure said.

    The advisory and issued hotfixes address two separate scenarios that both can lead to malware bypass:

  • The name of an executable program has been modified in a certain way. This leads to scanning failure despite the fact that it may be possible to execute the file.
  • The product fails to scan files on removable media. This occurs only in certain configurations where the "scan network drives" option has been disabled.

    Both scenarios may lead to system infection as the real-time scanner may grant permission to execute program files even if they are infected. But the vulnerability cannot, to F-Secure's knowledge, be used for privilege escalation attacks or to gain remote access to affected systems.