Patch our products because the viruses are coming: Symantec

Symantec has warned its customers to patch or upgrade their security products because of a recently discovered vulnerability that could actually help malware writers execute virus code on apparently 'protected' systems.The flaw affects the majority of Symantec's enterprise and consumer security products - including antivirus, antispam and even firewalls - and can be exploited using a specially crafted virus or Web page.

Symantec has warned its customers to patch or upgrade their security products because of a recently discovered vulnerability that could actually help malware writers execute virus code on apparently 'protected' systems.

The flaw affects the majority of Symantec's enterprise and consumer security products - including antivirus, antispam and even firewalls - and can be exploited using a specially crafted virus or Web page. According to Symantec, the vulnerability allows the attacker to exploit a buffer overflow and launch arbitrary code on a vulnerable machine.

Tim Hartman, senior technical director for Symantec Asia Pacific, told ZDNet Australia  that the flaw was discovered in a software 'engine' that is used to deliver virus definitions to the majority of the company's products.

"A vulnerability is not a vulnerability till somebody discovers it but because this is now known, somebody could craft an e-mail, mass mailer or a virus that takes advantage of it. It affects our firewalls, antispam, all the retail products and the enterprise products as well," said Hartman.

According to Hartman, Symantec's priority is to ensure all of its customers either install a patch to plug the hole or upgrade to the latest version - which he said are not vulnerable.

"The best thing to do is upgrade but that is up to the discretion of the user. The problem is that not everybody upgrades and not everybody updates so there are still quite a few legacy systems out there that have this vulnerability," said Hartman.

This most recent flaw is an embarrassment for Symantec, which has been the subject of criticism over the past four months for continuing to ignore a flaw in its consumer antivirus products that enable malicious scripts to deactivate the application's real time scanning feature -- leaving the victim's computer completely defenceless.

Additionally, within hours of announcing the most recent flaw in its products, Symantec issued a statement to clarify that Microsoft's acquisition of Sybari Software, which develops security software that can be used with Microsoft Exchange and Lotus Notes messaging servers, will not affect third party security suppliers because Sybari does not own a core scanning technology for either antivirus or antispam.

According to the Symantec statement, the acquisition will help Microsoft integrate antivirus solutions with Exchange but will still require a scanning engine and support infrastructure from one or more third party antivirus and antispam vendors.

"This acquisition does not provide Microsoft with the security and antivirus response infrastructure necessary to support the virus protection needs of enterprise customers. Detection is only as strong as the best engine plugged into the solution," the statement said.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All