May 26, 2006
Flaw found in Symantec business antivirus software
SAN FRANCISCO (Reuters) - Versions of Symantec Corp.'s
anti-virus business security software contain a flaw that could
put millions of computers at risk of a crippling worm attack,
Internet experts warned on Friday.
Researchers at eEye Digital Security discovered the
vulnerability, which they said could allow an attacker to
create a worm able to take over a user's computer and destroy
critical programs and files.
They rated the threat as high because a hacker could
exploit the flaw to get on a machine and edit, remove and
delete programs and files without a user doing anything, such
as clicking on a link, eEye spokesman Mike Puterbaugh said.
"This could potentially result in an Internet worm," he
said. "It is a flaw that can be triggered from another location
and provides the attacker with system-level access."
A worm is a computer virus that spreads by sending copies
of itself over a network. Most viruses these days are worms,
since almost all computers are now linked by networks.
Symantec, a leading maker of anti-virus software used by
consumers and businesses, said in a statement it was
investigating and that the issue does not affect its popular
Norton consumer brand of products.
It confirmed eEye's finding that its Client Security 3.1
and AntiVirus Corporate Edition 10.1 offerings contained the
flaw that Symantec said could allow a remote user to attack a
"Fixes have been identified for all affected products and
work on these fixes is ongoing," the company said in a
statement. "To date, Symantec has not had any reports of any
related exploits of this vulnerability."
The warning comes as Internet security experts say cyber
criminals are more interested in breaching systems for
financial gain rather than simply to win notoriety by
unleashing a devastating worm.
In fact, the number of headline-grabbing viruses has slowed
since the Blaster worm outbreak in 2003, which targeted
Microsoft software and devastated hundreds of thousands of