X
Tech
Home Tech Security

Worm spreads through Symantec AV hole

A worm which scans for various Windows and Symantec AV vulnerabilities spread with though a limited number of Universities in the US and Australia.  Although these vulnerabilities were patched by Microsoft and Symantec, the worm probed for vulnerability on port 2967 looking for a Symantec anti-virus client vulnerability found in May of 2006.
Written by George Ou, Contributor

A worm which scans for various Windows and Symantec AV vulnerabilities spread with though a limited number of Universities in the US and Australia.  Although these vulnerabilities were patched by Microsoft and Symantec, the worm probed for vulnerability on port 2967 looking for a Symantec anti-virus client vulnerability found in May of 2006.  The irony here is that the software that is suppose to protect the computer it's running on actually opened it up for an attack it wouldn't have otherwise had without the AV software.  This isn't the first time a worm has taken advantage of software designed to protect its host, the Witty worm in March of 2004 ravaged Desktop computers running security gateway software from ISS with lightning speed using an undocumented exploit.

I pointed out back in May that running antivirus on the desktop computer is like having the bomb squad inspect a suspicious package inside your house.  Couple this with the fact that desktop AV software slows your PC to a crawl and it makes us wonder if it's all worth it or if there are better alternatives like gateway AV scanning devices and best practice procedures for desktop lockdown.

Editorial standards
Show Comments

Related

Microsoft Copilot

7 reasons I use Copilot instead of ChatGPT

pxl-20240424-181716738

Facebook's Meta AI is lying when it says you can disable it - but here's what you can do

asus-zenbook-14-main

The work laptop I recommend to most people is not made by Apple or Lenovo