Critical back door-like vulnerability exposes Symantec anti-virus users
In light of a potentially critical vulnerability and with over 200 million people using his anti-virus solutions, are the comments by Symantec CEO John Thompson about a "Microsoft security monoculture" coming back to haunt him?
Symantec Corp.'s leading antivirus software, which protects some of the world's largest corporations and U.S. government agencies, suffers from a flaw that lets hackers seize control of computers to steal sensitive data, delete files or implant malicious programs, researchers said Thursday.....Symantec said it was investigating the issue but could not immediately corroborate the vulnerability. If confirmed, the threat to computer users would be severe because the security software is so widely used, and because no action is required by victims using the latest versions of Norton Antivirus to suffer a crippling attack over the Internet.....Symantec has boasted its antivirus products are installed on more than 200 million computers. A spokesman, Mike Bradshaw, said the company was examining the reported flaw but described it as "so new that we don't have any details.
The researcher outfit that AP is referring to is eEye Digital which issued this report late yesterday. Meanwhile, the report raises interesting questions about comments made by Symantec's CEO John Thompson within the last week. In an interview with with News.com's Joris Evers, Thompson talked about how Microsoft's monoculture is something to beware of from a security perspective now that Microsoft is beginning to provide security products for its flagship operating system Windows -- products that not only compete with Symantec's but that may be able to play a role in protecting sensitive data from the sort of compromise just experienced by the Veterans Administration when one of its PCs were stolen. Said Thompson in his interview with Evers:
If all of a sudden the whole world uses the monoculture of Microsoft and the monoculture of Microsoft security capability, I am not sure we would create a more secure world, diversity in the security platforms supplied on top (of Windows), we think is of great value in protecting that infrastructure.
But, at 200 million PCs, one could argue that Symantec runs a security monoculture itself. One that should be diversified through the usage of third party anti-malware solutions other than Symantec's. In some ways, his own argument works against any growth for Symantec's anti-malware offerings, drawing even more attention to the company's diversification into other categories such as storage management/clustering (Veritas) and identity management.
Meanwhile, in light of this and his own analysis of the overall security landscape, fellow blogger George Ou recommends against running anti-virus software on PCs. Said Ou:
Running antivirus on a personal computer is like having the bomb squad inspect a suspicious package inside the house right next to you.