Norton and Windows Update

If you are an experienced user, you probably want Windows Automatic Updates either off or on “download updates but let me choose when to install them.” Then you can choose when to install them, as recent updates have in fact created serious problems for some. Let others beta-test the new patches for a few days before you install them.

Norton/Symantec Security, in its infinite brain-damaged wisdom, will try to turn Auto Updates back on and will tell you it’s a security risk if you don’t. Ignore it. Of all the security programs, Norton is by far the stupidest and most intrusive, and idiot features like this simply prove that.

To change auto updates, go to Control Panel/ Automatic Updates.

But wait, there’s more.

Security research firm eEye warned Thursday that a high-risk vulnerability exists within Symantec’s Norton AntiVirus 10.x that could allow for code execution. According to an advisory posted on eEye’s Web site, the flaw does not require any user interaction to be exploited.

Especially troubling is the fact that that after the vulnerability is exploited, a hacker gains access to a command shell. This means that the attacker would be able to perform just about any action, and opens up the possibility of a worm automatically infecting systems.

This from a program that is supposed to be protecting your system. That’s it. All Symantec programs are coming off our two remaining computers that still use them. Not only are their programs clueless, ponderously slow, and annoying, they are also dangerous.