News Blog

Symantec has added Norton Antivirus 2008 and Norton Internet Security 2008 to it's Beta Center. Enhancements to Norton Antivirus 2008 include better performance and updated Symantec Online Network for Advanced Response (SONAR) heuristics. Enhancements to Norton Internet Security 2008 include those in Norton Antivirus 2008 plus Norton Identity Safe (from Norton Confidential), and enhanced network monitoring. Both pieces of software are expected to include new browser vulnerability protection, codenamed "Canary", in their final release.

The Symantec beta program includes no technical support, although customer feedback is welcome. Symantec reminds participants in the beta program not to install these apps on production machines. Beta software is intended for testing only.

As part of their upcoming Norton Internet Security 2008 product, Symantec will include a new technology they're currently calling "Canary." The idea behind Canary is vulnerable browsers are the first point of entry for many Web threats known as "drive by" downloads. Canary will identify signatures of known Internet Explorer browser vulnerabilities then block exploits as soon as they are released. "Canary creates vulnerability signatures," said Rowan Trollope, vice president of Consumer Products at Symantec. Signatures for other browsers, including Firefox, will be included in the future.

The timing of this new technology couldn't be better as Web attacks are on the upswing. This past week there was a rash of legitimate Web sites infected with hostile drive-by code, most of it originating from servers running Mpack, a multipurpose exploit package. The Mpack attack works, in part, if your browser is vulnerable to any of the exploits hosted on the server. IE has a number of outstanding public vulnerabilities, so until Microsoft patches them, Canary will block any newly created exploits. Even after Microsoft issues a patch for a vulnerability, Canary's signatures remain. "This isn't like virus signatures; IE has less than 100 vulnerability signatures," said Trollope.

Canary, which will be known by another name when it goes public, should be available in time for the 2008 product launch in August or September of this year. It will be included within Norton Antivirus 2008, Norton Internet Security 2008, and Norton 360 2.0. Current Norton 2007 subscribers will also get this technology as part of Symantec's automated program updates following the 2008 product release.

These days, criminal enterprises don't just want to steal your Outlook contact list, they want to own your computer, and they will download a remote-access Trojan horse at the first available opportunity. Within the last six months, Symantec has seen the number of these "bot" infections increase 29 percent over the previous six months. That's why Symantec is rushing to market a new application they're calling Norton AntiBot.

While most antivirus applications today provide adequate protection against spyware and malware, once these are removed, your machine is vulnerable to new and different variations of the same. Say a site you visit has been compromised with a stealth-like IFrame that, each time you visit the page, downloads a different Trojan. Symantec has licensed new behavior-based technology that picks up on this activity and proactively protects your computer from repeat attacks.

Norton AntiBot is designed to complement Symantec's existing SONAR technology, a behavior-monitoring and blocking feature acquired from a company called Whole Security last year and currently available on Norton Antivirus, Norton Internet Security, and Norton 360.

The download for the public beta, along with appropriate caveats, can be found on the Symantec site. Information on price and final availability was not available at press time.