Yesterday (May 30), software company Symantec released a patch for a vulnerability in its enterprise antivirus product line (English version) that was discovered nearly a week ago.
The vulnerability affects recent versions of the Client Security and Antivirus Corporate Edition products. Experts have assessed that the vulnerability is quite serious, as it can be exploited by hackers to run unauthorized software on the victim’s computer.
According to a Symantec spokesperson, the current patch is only available for the English version of these software packages; full versions for other languages have not yet been announced.
Symantec did not disclose much information about the vulnerability; however, according to a warning from eEye, it is a type of vulnerability that could be exploited to initiate a self-propagating attack, similar to the “Blaster” or “Slammer” worms from 2003.
Nonetheless, Symantec also stated that it has not received any reports of computers being attacked through this vulnerability. The vulnerability affects only version 3.0 and later of Client Security and version 10 and later of Antivirus Corporate Edition. The Norton antivirus product line is not affected.
Symantec’s security products have previously had several serious vulnerabilities. In December 2005, security researcher Alex Wheeler discovered a flaw in the Symantec Antivirus Library that could allow hackers to remotely attack and take control of a victim’s computer running Symantec software (see: http://www.rem0te.com/public/images/symc2.pdf). In October 2005, a serious vulnerability was discovered in the Scan Engine software (see: http://www.symantec.com/avcenter/security/Content/2005.10.04.html).