The Highlander Posted May 28, 2006 Report Share Posted May 28, 2006 Flaw Found in Symantec AntiVirus Researchers at eEye Digital Security have discovered a serious flaw in Symantec's enterprise antivirus software that could be used by hackers to create a self-replicating "worm" attack against Symantec users Because Symantec has not yet confirmed the existence of the problem, much less patched it, eEye is offering few details on the vulnerability, which was first disclosed late Wednesday. A Wormable Flaw "This is definitely a wormable flaw," said Mike Puterbaugh, eEye's vice president of marketing. "It does allow you to take remote control of the system." Similar to viruses, worms are able to spread from computer to computer, and past attacks such as 2003's Blaster and Slammer worms were widespread. Symantec is evaluating eEye's claims and "if necessary, will provide a prompt response and solution," a Symantec spokesman said Thursday. EEye Chief Hacking Officer Marc Maiffret believes that it will take Symantec a "month or two" to patch the problem. "The vulnerability is pretty straightforward for them to identify within their code," he said. Version 10 and greater of Symantec's enterprise antivirus software is affected by the flaw, but the company's consumer products do not have the bug, Maiffret said. Symantec Under Scrutiny This is not the first flaw to be reported in Symantec's security products, which have increasingly come under the scrutiny of hackers and security researchers over the past year. Last December, researcher Alex Wheeler discovered a flaw in Symantec's Antivirus Library that could allow remote attackers to gain control of systems that used Symantec's products. In October a critical flaw was found in the company's Scan Engine software. Link to artical here Link to comment Share on other sites More sharing options...
REDWAGON Posted May 29, 2006 Report Share Posted May 29, 2006 There isn't a piece of software out there that can't be hacked. It's just a matter of "IF" someone wants to. Frank.... Link to comment Share on other sites More sharing options...
gi7omy Posted May 29, 2006 Report Share Posted May 29, 2006 There isn't a piece of software out there that can't be hacked. It's just a matter of "IF" someone wants to. Frank.... True oh wise one - but has anybody noticed that Microsoft can manage to get patches out for hacks in its validation setup in a matter of days while they can take MONTHS to even acknowledge the program security has a flaw? Link to comment Share on other sites More sharing options...
Brendon Posted May 29, 2006 Report Share Posted May 29, 2006 True oh wise one - but has anybody noticed that Microsoft can manage to get patches out for hacks in its validation setup in a matter of days while they can take MONTHS to even acknowledge the program security has a flaw? I always ignore your persistent ringing on my front doorbell, but if you walk towards the back of my house I'm out in a flash demanding to know who you are and what you want. Link to comment Share on other sites More sharing options...
Guest ivanatrox Posted May 30, 2006 Report Share Posted May 30, 2006 I use NOD32 for my anti-virus at home... it's quite good Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.