Security News > 2005 > January > Symantec security site trips over spyware

Symantec security site trips over spyware
2005-01-21 08:07

http://www.theage.com.au/articles/2005/01/19/1106074829004.html By Online Staff January 19, 2005 Symantec's security website SecurityFocus, which runs the well-known Bugtraq vulnerability mailing list, has been forced to retract one of its columns [1] in which it claimed that only people who validated their copies of Windows online could download Microsoft's spyware beta. The column, by Mark D. Rasch, J.D., who is a former head of the Justice Department's computer crime unit, and now serves as Senior Vice President and Chief Security Counsel at Solutionary Inc., was posted on January 18. In the article, Rasch wrote: Early last month Microsoft announced that it would permit downloads of a beta version of its anti-spyware software from its website. However, users attempting to download the software are informed that "[t]his download is available to customers running genuine Microsoft Windows. Please click Continue to begin Windows validation." The website then uploads an executable file called "GenuineCheck.exe" to the users computer. However, in reality, users can click on the Continue button and proceed to a page where they have the choice of downloading the spyware beta after validating their copy of Windows or without going through the validation process. Today, an editor's note was seen on the article: "This column is in error. The download site for Microsoft's anti-virus software strongly encourages users to run the company's validation software, but does not require it. SecurityFocus apologizes (sic) for the mistake." SecurityFocus is owned by Symantec which, in 2002, purchased what was until then one of the most comprehensive databases of vulnerabilities available, for $US75 million. [1] http://securityfocus.com/columnists/292 _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/


News URL

http://www.theage.com.au/articles/2005/01/19/1106074829004.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Symantec 80 10 69 77 12 168