Microsoft Fax Services has a Trojan Horse?

[BudV]

I'm running WinXP Home SP2 on a Dell I2500. The entire system is as clean
from malware as I can keep it.
Yesterday I installed the MS Fax service that comes with XP. As soon as I
activate the fax console from my desktop, I get repeated alerts from Norton:
"Security Alert created for Default Block Netspy Trojan Horse rule."

What's going on and what's my next step?

 

[Lem]

I'm running WinXP Home SP2 on a Dell I2500. The entire system is as clean
from malware as I can keep it.
Yesterday I installed the MS Fax service that comes with XP. As soon as I
activate the fax console from my desktop, I get repeated alerts from Norton:
"Security Alert created for Default Block Netspy Trojan Horse rule."

What's going on and what's my next step?

This is a bug (surprise!) in Norton Antivirus. See these articles:

http://service1.symantec.com/SUPPORT/nav.nsf/0/bbd33502f90e68f86525703b0064e421?OpenDocument
http://service1.symantec.com/SUPPORT/nip.nsf/0/713afacbd4135e0a88256c77007e526f?OpenDocument
http://service1.symantec.com/Support/nav.nsf/docid/2004091413133506?Open&src=con_ols_nam

 

[Earl F. Parrish]

LOL! Thank goodness I found your advice, Lem. I went to online chat with
Symantec (huge mistake) and, guess what?, I got the royal runaround like
they
have never heard of this problem before. They kept passing me from one
tech
person to another. I finally said DUH! and disconnected from them. The
same alert was coming through for me when I configured my Microsoft FAX
today. I read the tech articles you linked to and will see if that will
solve the problem. I am still a little concerned that by opening Port
1024,
I am making myself more vulnerable to attack. True or false?

You are only allowing connections to and from the local host at 127.0.0.1.
That IP address is not routable on the Internet.