Symantec Counters Worm Attack
Symantec Counters Worm Attack
May 31, 2006: Heeding eEye Digital Security’s warning, Symantec has announced recommendations to reduce the risks associated with its software vulnerability. This, in spite of declaring that the company is unaware of customer impact!
Researchers at eEye Digital Security recently declared that versions of Symantec's anti-virus business security software contained a flaw that could put millions of computers at risk of a crippling worm attack. This software vulnerability threatened to allow an attacker to create a worm able to take over a user's computer and destroy critical programs and files.
Symantec is a leading maker of anti-virus software used by consumers and businesses.
“eEye rates the threat as high because a hacker can exploit the flaw to get on a machine and edit, remove and delete programs and files without a user doing anything,” says eEye spokesman Mike Puterbaugh. According to eEye, this could potentially result in an internet worm. “It is a flaw that can be triggered from another location and provides the attacker with system-level access.”
Symantec has announced that it is not aware of any customers impacted by this vulnerability or of any exploits of this vulnerability.
The software giant has recommended that its customers immediately apply the latest Security Update to protect against potential attacks. The company has even posted a risk-prevention list on its website:
- Restrict access to administration or management systems to privileged users only, with additional restricted access to the physical host system(s) if possible. - Keep all operating systems and applications updated with the latest vendor patches. - Follow a multi-layered approach to security. Run both firewall and antivirus applications, at a minimum to provide multiple points of detection and protection to both inbound and outbound threats. - Be cautious visiting unknown or un-trusted websites or following unknown URL links. - Do not open attachments or executables from unknown sources or that you didn't request or were unaware of. Always err on the side of caution. Even if the sender is known, the source address may be spoofed.
The company insists that this issue does not affect its popular Norton consumer brand of products.
The eEye warning has come at a time when cyber criminals are more interested in breaching systems for financial gain rather than win notoriety by unleashing a devastating worm. In fact, the number of headline-grabbing viruses has slowed since the Blaster worm outbreak in 2003, which targeted Microsoft software and devastated several computers worldwide. Understandably, Symantec has thanked eEye Digital Security for reporting this issue.
Comment on this story
Related Article: