May 26, 2006
According to Internet security experts eEye Digital Security Inc., a new and very critical security hole has been
found in Symantec Corp.'s enterprise antivirus software. The security flaw could be used by potential hackers and
attackers to create a self-replicating virus to attack many Symantec users on their systems.
Since Symantec has not yet actually confirmed the existence of the specific problem, much less patched it,
eEye.com is offering very few details on the vulnerability, which was first disclosed at the end of the day, May 24.
"This is definitely a wormable flaw," said Mike Puterbaugh, eEye's vice president of marketing. "It does allow you to take remote control of the system."
Similar to viruses, worms are able to spread from computer to computer, and past attacks such as 2003's Blaster and Slammer worms were widespread.
Symantec is evaluating eEye's claims and "if necessary, will provide a prompt response and solution," a Symantec spokesman said Thursday.
Eeye Chief Hacking Officer Marc Maiffret believes that it will take Symantec a "month or two" to patch the problem. "The vulnerability is pretty straightforward for them to identify within their code," he said.
Version 10 and greater of Symantec's enterprise antivirus software is affected by the flaw, but the company's consumer products do not have the bug, Maiffret said.
This is not the first flaw to be reported in Symantec's security products, which have increasingly come under the scrutiny of hackers and security researchers over the past year. Last December, researcher Alex Wheeler discovered a flaw in Symantec's Antivirus Library that could allow remote attackers to gain control of systems that used Symantec's products.
In October 2005, a critical flaw was found in the company's Scan Engine software.
Source: IT World Canada
Bookmark this Tech Blog by
clicking here.
Home |
Write to us
