Welcome Guest! You need to login or register to make posts.

Notification

Icon
Error

Options
Go to last post Go to first unread
dagrath  
#1 Posted : Thursday, August 14, 2008 4:06:52 AM(UTC)
dagrath

Rank: Newbie

Groups: Member
Joined: 8/14/2008(UTC)
Posts: 1

Just a few days ago, an update to Norton AntiVirus seems to have started blocking Image Uploader on our site.

The log in Norton shows this:

> Details: Attempted Intrusion "HTTP Aurigma Image Uploader ActiveX Activity" against your machine was detected and blocked.

> Intruder: api.smugmug.com(208.79.45.23)(http(80)).

> Risk Level: High.

> Protocol: TCP.

> Attacked IP: 66.102.205.234.

> Attacked Port: 1098.

> Click the address to trace the attacker.

We are able to get our customers working by having them put exemptions in Norton for our site, but this is less than ideal. Is there any work around or details on this?

Dmitry  
#2 Posted : Thursday, August 14, 2008 4:32:34 PM(UTC)
Dmitry

Rank: Advanced Member

Groups: Member, Administration, Moderator
Joined: 8/3/2003(UTC)
Posts: 1,070

Thanks: 1 times
Was thanked: 12 time(s) in 12 post(s)
Hello,

Thanks for your report.

We know about this problem. I have contacted Symantec support but still has no reply from them.

I will keep you updated.

Sincerely yours,

Dmitry Sevostyanov

UserPostedImage Follow Aurigma on Twitter!

vthakur  
#3 Posted : Wednesday, August 20, 2008 8:02:16 AM(UTC)
vthakur

Rank: Newbie

Groups: Member
Joined: 8/20/2008(UTC)
Posts: 1

Hello,

Symantec released intrusion prevention protection (IPS) signatures via LiveUpdate servers for our Norton customers for the Microsoft Advisory (http://www.microsoft.com/technet/security/advisory/953839.mspx) issuing kill bits for the Aurigma Image Uploader to protect against the malicious use of these ActiveX controls on Tuesday, August 12 at 2:26pm Pacific. Symantec removed this signature from its definition set when notified that some of these ActiveX controls appear to still be in legitimate use on Wednesday, August 13 2008, at 11:24am Pacific.

Symantec customers can use LiveUpdate to download newer definitions and this problem will no longer occur. Symantec will continue to work with Aurigma to determine a proper course of action to protect customers from malicious use of the ActiveX controls.

Do post a note if this problem is still persistent even after updating definitions to the latest available.

Regards,

- V Thakur

Dmitry  
#4 Posted : Wednesday, August 20, 2008 4:37:30 PM(UTC)
Dmitry

Rank: Advanced Member

Groups: Member, Administration, Moderator
Joined: 8/3/2003(UTC)
Posts: 1,070

Thanks: 1 times
Was thanked: 12 time(s) in 12 post(s)
Hello Thakur,

Thank you very much for the update. I will write email with required information to Symantec today.

Edited by user Wednesday, August 20, 2008 4:39:22 PM(UTC)  | Reason: Not specified

Sincerely yours,

Dmitry Sevostyanov

UserPostedImage Follow Aurigma on Twitter!

Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.