Symantec Antivirus 2006 has critical vulnerability

If you use and run Symantec Antivirus 2006 and Symantec Internet Security 2006, there’s a problem with a control that could lead to remote control of your computer. Please update your software.

Symantec has released details of a potential security threat in its 2006 products, involving ActiveX software provided by a third-party developer.

The ActiveX flaw, which could be used to initiate a stack overflow and gain remote access to a machine running the vulnerable software, affects several products in Symantec’s 2006 range, including Norton AntiVirus 2006 and Norton Internet Security 2006. The current 2007 range, including Norton 260, are not thought to be at risk, and no attempts to exploit the vulnerability have been observed.

Symantec’s article on this issue: