We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,678 News Articles

Symantec squashes antivirus bug

Patch for flaw now available

Symantec has patched a widely reported flaw in the English versions of its corporate antivirus software.

The flaw, which affects recent versions of its Client Security and Antivirus Corporate Edition products is considered serious, and could be exploited by hackers to run unauthorised software on unpatched PCs.

It was discovered by rival security vendor eEye Digital Security and first disclosed last Wednesday. Three days later, Symantec patched the problem, according to an alert published on Saturday on Symantec's website.

The patches are for English-language versions of Symantec's products only, and a Symantec spokesman could not say when the complete line of products would be patched.

Symantec did not release many details on the flaw, but eEye has warned that it is the kind of vulnerability that could be used to build a self-replicating worm attack, similar to the Blaster and Slammer outbreaks of 2003.

That has not happened to date, and Symantec "is not aware of any customers impacted by this vulnerability, or of any exploits of this vulnerability", the alert said.

The problem affects version 3.0 and above of Client Security, and version 10.0 and above of Antivirus Corporate Edition. Symantec's Norton consumer antivirus products are not affected.

A number of other flaws have been reported in Symantec's security products over the past year. Last December, researcher Alex Wheeler discovered a flaw in Symantec's Antivirus Library that could allow remote attackers to gain control of systems that used Symantec's products. Research about the flaw can be found here.

In October a critical flaw was found in the company's Scan Engine software. Information about the flaw can be found here.

EEye's note on the flaw can be found here.


IDG UK Sites

Top 5 Android tips and tricks for smartphones and tablets

IDG UK Sites

How to join Apple's OS X Beta Seed Program: Get OS X Yosemite on your Mac before public release

IDG UK Sites

Why the BBC iPlayer outage was caused by a DDoS attack: Topsy and Tim isn't *that* popular

IDG UK Sites

BBC using Glasgow 2014 Commonwealth Games to trial 4K/UHD, pan-around video, augmented video and...