2001 whitelisting of Magic Lantern In 2001, the
FBI confirmed the active development of
Magic Lantern, a
keylogger intended to obtain passwords to encrypted e-mail and other documents during criminal investigations. Magic Lantern was first reported in the media by
Bob Sullivan of
MSNBC on 20 November 2001 and by Ted Bridis of the
Associated Press. The FBI intends to deploy Magic Lantern in the form of an
e-mail attachment. When the attachment is opened, it installs a
trojan horse on the suspect's computer, which is activated when the suspect uses
PGP encryption, often used to increase the security of sent email messages. When activated, the trojan will log the PGP password, which allows the FBI to decrypt user communications. Symantec and other major antivirus vendors have
whitelisted the Magic Lantern trojan, rendering their antivirus products, including Norton AntiVirus, incapable of detecting it. Concerns around this whitelisting include uncertainties about Magic Lantern's full surveillance potential and whether hackers could subvert it and redeploy it for purposes outside of law enforcement.
2000s product support In 2004, users received an error stating "Your virus protection cannot be updated." This error occurred after an update to the software and refused to allow daily updates. Also in 2007, Norton AntiVirus flagged components of the
Pegasus email client as malicious, rendering the program corrupted. Symantec customer service addressed the problem by running through a checklist of troubleshooting steps. On January 28, 2010
Symantec Anti-virus update marked
Spotify as a
Trojan Horse disabling the software across millions of PCs.
2006 faulty update On July 25, 2006, Symantec released a faulty update for
Norton AntiVirus 2006 users. Users reported an onscreen message stating "Norton AntiVirus 2006 does not support the repair feature. Please uninstall and reinstall.". Symantec claimed the faulty update was downloaded to customers between 1:00 PM and 7:00 PM on July 25, 2006. Symantec developed a workaround tool. The company released a statement, stating they expected to deliver a repair patch to affected users by Monday, July 31, 2006.
2009 uninstallation Prior to 2009, Norton AntiVirus was criticized for refusing to
uninstall completely, leaving unnecessary files behind. Another issue is versions prior to 2009 installed
LiveUpdate, which updates Norton-branded software, separately. The user must uninstall both Norton AntiVirus and the LiveUpdate component manually. The LiveUpdate component is purposely left behind to update other Norton-branded products, if present. In response, Symantec developed the
Norton Removal Tool (SymNRT) to remove leftover
registry keys and values along with files and folders. However, neither route of uninstallation will remove subscription data, preserved to prevent users from installing multiple trial copies.SymNRT can only remove these Norton programs: • Norton AntiSpam 2004 and 2005 •
Norton Antivirus 2003 through 2012 •
Norton Ghost 2003,9.0,10.0,12.0,1 A.O and 15.0 •
Norton GoBack 3.1 through 4.2 •
Norton Internet Security 2003 through 2012 • Norton Password Manager •
Norton Personal Firewall 2003 through 2006 •
Norton SystemWorks 2003 through 2009 •
Norton Confidential Online 2007 • Norton Add-on Pack 1.0 – 4.0 • Norton Save and Restore 1.0 through 2.0 •
Norton 360/Security Suite/Business Suite 1.0 – 5.0 • Norton Safety Minder 1.0 •
Norton Safe Web 3.2 Once SymNRT has started the removal process, it cannot be stopped. It is recommended to close all running programs prior to running SymNRT.
ACT! and
WinFax users are recommended to back up their databases before running SymNRT.
2007 incompatibility with ZoneAlarm Norton AntiVirus 2007 would not install alongside
ZoneAlarm.
2009 concerns regarding PIFTS.exe In 2009, some users of Norton AntiVirus 2006 and 2007 experienced a
firewall warning stating a Norton-associated file, "PIFTS.exe", was trying to connect to the
Internet. Although this file was revealed to be a harmless diagnostic patch, the program gained attention in the media when Symantec removed posts from their forum concerning PIFTS. With no information available about the purpose of the program there was speculation that the program was
malware or a
backdoor. The
SANS Internet Storm Center claimed to have spoken to a Symantec employee who has confirmed that "the program is theirs, part of the update process and not intended to do harm." Graham Cluley, a consultant from antivirus vendor
Sophos found PIFTS connected to a Symantec server, forwarding product and computer information. On March 10, Symantec made an official response to the PIFTS program, claiming posts in the support forum were deleted due to
forum spam rules; however the deletion of PIFTS-related posts began before the spam attacks. Symantec stated PIFTS itself was a diagnostic patch.
2024 Evaluation of password checkup tools A 2024 study by Hutchinson et al. examined the “password checkup” features of 14 password managers, including Norton Password Manager, using weak, breached, and randomly generated passwords. The authors found that the evaluated products reported weak and compromised passwords inconsistently and sometimes incompletely. No manager successfully flagged all known breached passwords. == Macintosh edition ==