Symantec AntiVirus products that include the Symantec Decomposer are prone to multiple remote vulnerabilities related to the handling of CAB and RAR archives. These issues include a denial-of-service vulnerability and a buffer-overflow vulnerability. Successfully exploiting these issues allows remote attackers to execute arbitrary machine code with SYSTEM-level privileges or to cause the affected application to enter an infinite loop, resulting in a denial-of-service condition.
Run all software as a nonprivileged user with minimal access rights.
To mitigate the impact of successful exploits, run all software with the least privileges required to maintain functionality.
Do not accept or execute files from untrusted or unknown sources.
To reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.
Implement multiple redundant layers of security.
Various memory-protection schemes (such as nonexecutable and randomly mapped memory segments) may complicate exploits of memory-corruption vulnerabilities.
The vendor released an advisory and updates to address this issue. To update consumer products, run LiveUpdate in Interactive Mode. For Mac consumer products, install definitions released after 10/1/2006. Please refer to the advisory for a complete list of affected products and applicable updates.