Symantec fixes mail deletion flaw in security suite

Symantec Corp. has fixed a flaw in part of its Norton Internet Security 2003 security software suite that can cause e-mail to be deleted before it reaches a user’s inbox, Symantec said Friday.

Users had complained that Norton Internet Security 2003 was deleting e-mail. For such e-mail, all that appeared in the inbox was a message with “Symantec Email Proxy Deleted Message” in the subject line, said Katherine James, a Symantec spokeswoman in the U.K.

“We had a small number of users of Norton Internet Security 2003 who reported that the product was inadvertently deleting e-mails,” said Jones, adding that the first report came in on Oct. 14. Symantec issued a software patch to fix the flaw earlier this week.

The flaw lies in the antispam part of Norton Internet Security 2003, an Internet security suite that includes antivirus, firewall, privacy control, spam alert, and parental control software. The antispam feature is meant to flag any suspected spam, unwanted commercial e-mail, coming in to an inbox.

“If a user was running the computer continuously and was receiving a large volume of e-mail, or they had configured their e-mail client to check the mail server frequently, the Norton Spam Alert could cause memory allocation errors, which could cause the e-mail deletion,” said James.

Symantec believes only a small number of users have actually been affected by the flaw because of the small number of complaints. The Cupertino, California, company, however, won’t say how many customers complained or where those customers were located. Norton Internet Security 2003 is sold around the world.

Norton Internet Security 2003 users can download a patch that fixes the memory allocation error through the application’s online update feature, James said.