Symantec AntiVirus Worm Hole Puts Millions at Risk

A newly discovered Symantec AntiVirus worm hole puts millions at risk without any user interaction whatsoever.

“This is definitely wormable. Once exploited, you get a command shell that gives you complete access to the machine. You can remove, edit or destroy files at will,” said eEye Digital Security spokesperson Mike Puterbaugh.

Oddly enough, Symantec’s Personal Firewall was designed to protect against this vulnerability, which means that the company was somewhat aware of this issue. Look for a patch to be issued within the coming days.

Subscribe, Trackback or Bookmark?

1 Comment on “Symantec AntiVirus Worm Hole Puts Millions at Risk”

Comments

Trackbacks

1 Symantec Posts Patch for Anti-Virus Vulnerability at Crypto Resync May 28th, 2006, at 10:49

[…] Symantec has posted a patch to correct the huge anti-virus client vulnerability that I previously reported on. The fix is apparently a manually installable one as opposed to being pushed out through Symantec’s LiveUpdate service. Looks like this upcoming Tuesday will be a busy day for many system administrators, as they work extra hard to secure their network from this exploit. Filed under: Security, Updates   |   Tags: security, symantec, update. […]

Write a comment

(required)

(required, but not published)

(optional)

You may use only these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>