- Support für Privatanwender
- Support für Organisationen
- Allgemeine Support-Artikel
- Support issue archive
- Support Forum
- Support-Tools
- Sicherheitsbulletins [EN]
- Security Response
- Authentifizierungs- schlüssel verloren
- Retrieve Installation Key
- Benutzerhandbücher
- Installer
- Norman Training
- Betaversionen [EN]
Vulnerabilites in a Norman antivirus program driver used by the On-access scanner
4 September 2007
Issue
Vulnerabilities have been published in the driver nvcoaft51.sys which is used by the Windows version of Norman Virus Control On-access scanner.
Proof of concept program code is published on the Internet.
Affected software
- Norman Virus Control single user and corporate versions
- Norman Internet Control
- NVCnet for Terminal and File servers
- Third party software using rebranded versions of Norman's On-access scanner
Vulnerability status
Vulnerable operating systems
The driver that is affected by these vulnerabilities is only used on Windows legacy systems where Microsoft has stopped its maintenance program, or for operating systems Microsoft has issued major security updates.
Affected systems are:
- Windows NT4
- Windows 2000 pre Update rollup 1 for service pack 4
In all other operating systems from Microsoft the driver nvcoaft51.sys is no longer in use, if one runs an updated version of Norman Virus Control (version 5.90 or later). The affected driver was in version 5.90 replaced by the driver nvcw32mf.sys, which uses a new minifilter driver approach to the functionality needed.
Operating systems not vulnerable
The following operating systems from Microsoft are not vulnerable
- Windows 2000 post SP4 Update rollup 1
- Windows XP SP2
- Windows 2003 SP 1
- Windows Vista
Mitigating factors
Only installations running legacy operating systems are vulnerable.