NOW READ THIS
("Security Advisory")

Go Back

---

Submitted by: Bill Hickey
NCVA List Master

NRT-0062 COMPUTER SECURITY (Tech Support Tools):

The US Computer Emergency Readiness Team (US-CERT) is warning that multiple flaws in commonly used technical support tools can open Windows PCs to cyberattacks. The vulnerable tools are often used by Internet Service Providers (ISPs), PC makers, and others to provide support functions such as remote assistance. The tools, provided by SupportSoft, contain multiple vulnerabilities. US-CERT lists nearly 40 companies and other organizations that have shipped the affected software. Some have addressed the problem, while others are still listed as vulnerable or unknown. Those that have yet to fix the SupportSoft issue include IBM and Internet access providers BellSouth, COMCAST, and Time-Warner (AOL). Symantec includes the SupportSoft components in its consumer security products and released its own alert on 22FEB, along with fixes. The problem is "high" risk, but is mitigated somewhat, because triggering the flaw would require some action on the part of the user. SupportSoft has published its own advisory on the issue. The company offers a step-by-step guide to fix the problem, beginning with searching a PC's hard drive for the vulnerable file (tgctlsi-dot-dll) and applying a fix. The US-CERT recommends the SupportSoft fix, but has found eight additional files that are vulnerable and lists those as: tgctlins-dot-dll; sdcnetcheck-dot-dll; tgctlar-dot-dll; tgctlch-dot-dll; tgctlpr-dot-dll; tgclcm-dot-dll; tglib-dot.dll; tgctlidx-dot-dll. US-CERT said searching a PC for all the files is the most effective way to determine if a system is vulnerable.

(CNET News 26FEB)

Last Modified: Sunday, 04-Mar-2007 09:38:54 EST