Symantec AntiVirus Worm Hole Puts Millions at Risk

By Ryan Naraine Print this article Print

A gaping code execution flaw in Symantec's anti-virus product suite could allow malicious hackers to take complete control of a system without any user action. Symantec is investigating.

A gaping security flaw in the latest versions of Symantec's anti-virus software suite could put millions of users at risk of a debilitating worm attack, Internet security experts warned May 25.

Researchers at eEye Digital Security, the company that discovered the flaw, said it could be exploited by remote hackers to take complete control of the target machine "without any user action."

"This is definitely wormable. Once exploited, you get a command shell that gives you complete access to the machine. You can remove, edit or destroy files at will," said eEye Digital Security spokesperson Mike Puterbaugh.

Click here to read about Symantec's use of a rootkit-type feature in its Norton SystemWorks.

"We have confirmed that an attacker can execute code without the user clicking or opening anything," Puterbaugh said.

eEye, based in Aliso Viejo, Calif., posted a brief advisory to raise the alarm about the bug, which can allow the execution of malicious code with system-level access. The flaw carries a "high risk" rating because of the potential for serious damage, Puterbaugh said.

Symantec, of Cupertino, Calif., confirmed receipt of eEye's warning and said an investigation was underway.

"[Our] product security team has been notified of a suspected issue in Symantec AntiVirus 10.x. [We] are evaluating the issue now and, if necessary, will provide a prompt response and solution," a Symantec spokesperson said in a statement sent to eWEEK.

Read the full story on eWEEK.com: Symantec AntiVirus Worm Hole Puts Millions at Risk

This article was originally published on 2006-05-25
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.