Symantec products threatened by Active X flaw

Symantec is urging its customers to patch their security products after being warned about a critical vulnerability that could allow hackers to execute code remotely.

The vulnerability was reported by security research firm Secunia as "highly critical".

Norton AntiVirus 2006, Norton Internet Security 2006, Norton SystemWorks 2006 and Norton Internet Security 2005 AntiSpyware Edition are affected. However, the vulnerability doesn't affect its corporate software.

It comes about because of an input validation error, which fails to analyse incoming data for malicious commands before executing them.

To exploit the vulnerability, hackers could send e-mails to users inviting them to click on a link to a Web site containing the exploit code, Symantec said.

Richard Thurston reported for ZDNet UK from London