The Mudcat Café TM
Thread #69714   Message #1184655
Posted By: JohnInKansas
13-May-04 - 08:47 AM
Thread Name: Tech: Slightly Different Virus Threat
Subject: Tech: Slightly Different Virus Threat
In a slightly different sort of warning, a "friendly hacker" has advanced the claim that the "web scan" programs of all AV providers include a "hole" that could be used by a malicious hacker. No use is known, thus far, but since the existence and general nature of the problem have been published, it might be expected that someone will try.

When you go to an AV provider's web site and "have your system scanned," a small program is downloaded to your machine, and the "bot" that's downloaded is the program that actually runs the scan. The "bot" remains on your machine after the scan is finished.

The claim is that the "bot" can be accessed, and a buffer overrun created, that allows the malicious hacker to access most of your machine. Symantec (Norton) maintains that the buffer size exceeds what can be loaded, and plans no fix. McAfee admits that the buffer "load" to create the overrun is quite small, and has produced a fix. Other AV vendors are varied in their response to this.

McAfee specifically recommends that if you have used their "webscan" at any time in the past, you should return to their site and have your machine "re-scanned." When you rescan, their "new and improved bot" will replace the one on your machine.

This recommendation applies if you have used their scan, whether or not you use McAfee AV. Similar procedures apparently may be needed if you have used the "free scan" via web hookup from almost, possibly all, AV suppliers.

If you can remember whose facility you have used for a "free web scan," it might be well to visit the site and see if they have a fix, or words of reassurance about this. If you used McAfee, they specifically recommend "getting fixed" by getting a fresh scan.

John