Welcome Guest! You need to login or register to make posts.



Go to last post Go to first unread
#1 Posted : Wednesday, August 13, 2008 7:15:37 PM(UTC)

Rank: Advanced Member

Groups: Member, Administration
Joined: 8/2/2003(UTC)
Posts: 876

Thanks: 2 times
Was thanked: 27 time(s) in 27 post(s)
From time to time our customers say us that end users who have Norton Antivirus 2008 installed experience difficulties with Image Uploader. I have googled a bit and found out that Symantec released an update in this March which added Image Uploader to a list of suspicious software:


It sounds like they read the news about vulnerabilities in Image Uploader and decided to block the control just in case. The worst thing is that perhaps they do not care about CLSID or version number. They use signature-based detection instead. This way Norton software will block not just vulnerable old ActiveX, but new safe version as well.

We will try to find some solution, but meanwhile I see two workarounds:

1. Give instructions to customers how to enable our upload component. Like guys from Smugmug did (big thanks to them):


2. Allow users to choose alternative way to upload photos through Java version.

#2 Posted : Tuesday, August 26, 2008 9:13:06 PM(UTC)

Rank: Advanced Member

Groups: Member, Administration, Moderator
Joined: 8/3/2003(UTC)
Posts: 1,070

Thanks: 1 times
Was thanked: 12 time(s) in 12 post(s)
Symantec removed Aurigma signatures from definition set. Here is answer from Symantec:
Symantec released intrusion prevention protection (IPS) signatures via LiveUpdate servers for our Norton customers for the Microsoft Advisory (http://www.microsoft.com/technet/security/advisory/953839.mspx) issuing kill bits for the Aurigma Image Uploader to protect against the malicious use of these ActiveX controls on Tuesday, August 12 at 2:26pm Pacific. Symantec removed this signature from its definition set when notified that some of these ActiveX controls appear to still be in legitimate use on Wednesday, August 13 2008, at 11:24am Pacific.

Symantec customers can use LiveUpdate to download newer definitions and this problem will no longer occur. Symantec will continue to work with Aurigma to determine a proper course of action to protect customers from malicious use of the ActiveX controls.

Sincerely yours,

Dmitry Sevostyanov

UserPostedImage Follow Aurigma on Twitter!

Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.