Symantec Closes Open Door for Viruses

Symantec admitted to a critical flaw in its software that could potentially open the door to viruses. The problem affects its entire antivirus product lineup, including the widely used Norton AntiVirus. Symantec has since issued a patch and has urged all users of the software to install it as soon as possible.

"The impact of this vulnerability is exaggerated by the fact that many e-mail and other traffic routing gateways make use of file-scanning utilities that make use of the vulnerable library," Symantec said in an advisory.

"This could allow an attacker to potentially exploit high-profile systems used to filter malicious data, and potentially allow further compromise of targeted internal networks."

Unpatched computers run the risk of being infected with a virus even if protection is enabled.

The vulnerability is caused by the way Symantec's software handles a compression format known as UPX, or Ultimate Packer for Executables. A virus could be created that would exploit a handling error, causing the software to run a malicious Web page or open an infected e-mail rather than quarantine it.

"The vulnerability can be triggered by an unauthorized remote attacker, without user interaction, by sending an e-mail containing a crafted UPX file to the target," Internet Security Systems, who found the flaw, said in a statement.

Security firm Secunia marked the flaw as "highly critical", which is "Typically used for remotely exploitable vulnerabilities, which can lead to system compromise," according to the company's Web site.

22 Responses to Symantec Closes Open Door for Viruses

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.