Endpoint
10/25/2012
08:16 AM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Court To Notify Current And Former Norton Customers About $10 Cash Refunds For Antivirus Software Upgrades And Renewals

Products included in the settlement are Norton AntiVirus, Norton Internet Security, Norton 360, Norton Personal Firewall, and Norton SystemWorks

SAN FRANCISCO, Oct. 25, 2012 /PRNewswire/ -- A notification program began today, as ordered by the United States District Court for the Northern District of California (the "Court"), to alert people who purchased Norton antivirus software from Symantec Corporation ("Symantec") about a proposed class action settlement.

This settlement resolves a lawsuit over whether Symantec Corporation

("Symantec") improperly charged customers for the automatic renewal of a prior Norton software subscription after they purchased another Norton product.

Eligible claimants may receive a $10 cash refund or two-month Norton subscription extension for each eligible pair of Norton purchases. The settlement also provides that Symantec will make certain website disclosures and other changes to its business practices.

The following products are included in the settlement: Norton AntiVirus, Norton Internet Security, Norton 360, Norton Personal Firewall and Norton SystemWorks ("Eligible Products").

The Settlement Class includes all individuals, businesses and other entities in the United States who between October 1, 2005 and May 23, 2012: (a) purchased an Eligible Product, and (b) enrolled in Norton's automatic renewal service for that product, and (c) purchased (or renewed) a second Eligible Product either during the term of a subscription to the first Eligible Product or within 60 days after being charged an automatic renewal charge for that first Eligible Product, and (d) installed the second Eligible Product on the same computer as the first Eligible Product, and (e) have not received a refund of the automatic renewal charge. Each pair of product purchases is an "Eligible Transaction."

Class Members who submit valid claims by May 6, 2013, may receive a $10 cash refund or two-month Norton subscription extension for each Eligible Transaction.

Claims for a single Eligible Transaction do not require proof from the claimant--the claim is based on their knowledge and recollection. Claims for multiple Eligible Transactions require that the claimant provide proof-of-purchase documentation. Class Members can request a Claim Form, Detailed Notice and postage prepaid envelope by calling the toll free number or visiting the website. Claims may be submitted by postal mail, email or fax.

Notices will be sent to potential Settlement Class Members and are scheduled to appear in nationwide print and online media leading up to a hearing on April 4, 2013, when the Court will consider whether to grant final approval to the settlement.

The Court has appointed the law firms of The Law Offices of Thomas M. Mullaney in New York, NY, and Larry D. Drury, Ltd., in Chicago, IL, as Class Counsel to represent the Settlement Class.

Those affected by the settlement can ask to be excluded from, or object to, the settlement and its terms. The deadline for exclusions and objections is February 26, 2013.

A toll free number, 1-877-853-3045, has been established in the case known as Marolda v. Symantec Corp., Case No. 08-5701 (EMC), along with a website, www.NortonSettlement.com, where the notice, claim form and other information may be obtained. Those affected may also send an email to info@NortonSettlement.com or write to Norton Upgrade Settlement, P.O. Box 3170, Portland, OR 97208-3170.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2021
Published: 2014-10-24
Cross-site scripting (XSS) vulnerability in admincp/apilog.php in vBulletin 4.4.2 and earlier, and 5.0.x through 5.0.5 allows remote authenticated users to inject arbitrary web script or HTML via a crafted XMLRPC API request, as demonstrated using the client name.

CVE-2014-3604
Published: 2014-10-24
Certificates.java in Not Yet Commons SSL before 0.3.15 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

CVE-2014-6230
Published: 2014-10-24
WP-Ban plugin before 1.6.4 for WordPress, when running in certain configurations, allows remote attackers to bypass the IP blacklist via a crafted X-Forwarded-For header.

CVE-2014-6251
Published: 2014-10-24
Stack-based buffer overflow in CPUMiner before 2.4.1 allows remote attackers to have an unspecified impact by sending a mining.subscribe response with a large nonce2 length, then triggering the overflow with a mining.notify request.

CVE-2014-7180
Published: 2014-10-24
Electric Cloud ElectricCommander before 4.2.6 and 5.x before 5.0.3 uses world-writable permissions for (1) eccert.pl and (2) ecconfigure.pl, which allows local users to execute arbitrary Perl code by modifying these files.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.