Welcome Guest Search | Active Topics

Aurigma Forums » Image Uploader / Video Uploader / File Downloader » FAQ - Frequently Asked Questions » Image Uploader and Norton Antivirus

Add Reply New Topic

Image Uploader and Norton Antivirus

 Options
Previous Topic · Next Topic
Andrew
Posted: Thursday, August 14, 2008 3:15:37 AM
Andrew's avatar
Rank: Advanced Member
Groups: Administration , Member

Joined: 8/2/2003
Posts: 715
Points: 126
From time to time our customers say us that end users who have Norton Antivirus 2008 installed experience difficulties with Image Uploader. I have googled a bit and found out that Symantec released an update in this March which added Image Uploader to a list of suspicious software:

http://www.symantec.com/avcenter/security/Content/2008.03.04.html

It sounds like they read the news about vulnerabilities in Image Uploader and decided to block the control just in case. The worst thing is that perhaps they do not care about CLSID or version number. They use signature-based detection instead. This way Norton software will block not just vulnerable old ActiveX, but new safe version as well.

We will try to find some solution, but meanwhile I see two workarounds:

1. Give instructions to customers how to enable our upload component. Like guys from Smugmug did (big thanks to them):

http://wiki.smugmug.net/display/SmugMug/Configure+Norton+to+Allow+Aurigma+Simple+Uploader

2. Allow users to choose alternative way to upload photos through Java version.
Sincerely yours,
Andrew Simontsev from Aurigma Team
Back to top
Blog  
Dmitry
Posted: Wednesday, August 27, 2008 5:13:06 AM
Dmitry's avatar
Rank: Advanced Member
Groups: Administration , Member

Joined: 8/3/2003
Posts: 917
Points: 999
Symantec removed Aurigma signatures from definition set. Here is answer from Symantec:
Quote:
Symantec released intrusion prevention protection (IPS) signatures via LiveUpdate servers for our Norton customers for the Microsoft Advisory (http://www.microsoft.com/technet/security/advisory/953839.mspx) issuing kill bits for the Aurigma Image Uploader to protect against the malicious use of these ActiveX controls on Tuesday, August 12 at 2:26pm Pacific. Symantec removed this signature from its definition set when notified that some of these ActiveX controls appear to still be in legitimate use on Wednesday, August 13 2008, at 11:24am Pacific.

Symantec customers can use LiveUpdate to download newer definitions and this problem will no longer occur. Symantec will continue to work with Aurigma to determine a proper course of action to protect customers from malicious use of the ActiveX controls.

Sincerely yours,
Dmitry Sevostyanov.
Back to top
WWW  
Users browsing this topic
Guest

Add Reply New Topic

Aurigma Forums » Image Uploader / Video Uploader / File Downloader » FAQ - Frequently Asked Questions » Image Uploader and Norton Antivirus


Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

Main Forum RSS : RSS

YAFVision Theme Created by Jaben Cargman (Tiny Gecko)
Yet Another Forum.net version 1.9.1.6 running under Cuyahoga.
Copyright © 2003-2006 Yet Another Forum.net. All rights reserved.