eEye Digital Security is reporting that they have uncovered a major vulnerability in Symantec's AV product. Basically it will allow a remote hacker to compromise any machine that is running Norton Anti-Virus. This is a big oops. Symantec will have to scramble to get an update pushed out to all of their customers. I would imagine they can do this before an exploit is developed that allows wide spread use of the vulnerability or a worm to spread.
This revelation coincides with Symantec's press release announcing their 200 millionth customer. Not a happy coincidense. Especially when John Thompson has been on the road preaching the evils of the Microsoft Monoculture. From this article:
"If all of a sudden the whole world uses the monoculture of Microsoft and the monoculture of Microsoft security capability, I am not sure we would create a more secure world," Thompson said. "Diversity in the security platforms supplied on top (of Windows), we think is of great value in protecting that infrastructure."
There is something to be said for the theory that dominance by any vendor does not make for a secure world.