Flaw Found in Symantec Corporate Antivirus

Walaika K. Haskins,
newsfactor.com

Some of the largest corporations in the world, in addition to U.S. government agencies, might be at risk from a flaw discovered in the latest version of Symantec's antivirus software suite for businesses.

According to eEye Digital Security, the newly discovered vulnerability could enable hackers to seize control of computers and access sensitive data, delete files, or remotely install malicious software.

Symantec has said that the vulnerability reported by eEye does not affect its Norton brand of products, which indicates consumers have little to worry about at this point.

"Symantec Product Security is evaluating the suspected issue in its Symantec AntiVirus corporate products and is working on providing prompt mitigation solutions for any confirmed issues," said Mike Bradshaw, a Symantec spokesperson.

Don't Panic

According to eEye, the vulnerability can be exploited remotely by hackers "without any user action." Once a PC has been compromised with the flaw, eEye claims, hackers have system-level access to that computer, with the ability to remove or edit any files.

The security firm has posted an "upcoming advisory" on its Web site, but has promised not to reveal any details that would help hackers launch attacks until Symantec has had an opportunity to issue a patch.

If there is something good about the vulnerability, said Natalie Lambert, an analyst at Forrester Research, it is that the flaw only affects corporate customers and not average consumers.

Corporations typically have policies in place to make sure their machines are updated quickly, she said, while home users are notoriously lax.

Flaw Severity

Lambert said that, in terms of the seriousness of the flaw, there is no exploit circulating yet, so Symantec has some time to get a patch together.

"Because it is impacting the enterprise product, it will have less people impacted by it," she explained. "If it were a Norton product it would be a very different story."

Lambert gave eEye kudos for identifying the flaw without making the details public. But she suggested that "real responsible disclosure" would have meant eEye reporting the flaw to Symantec alone.

"But they are giving Symantec time to repair the problem and send out the patch," she said.

http://news.yahoo.com/s/nf/20060527/tc_nf/43580

Copyright © 2006 NewsFactor Network, Inc.