Symantec Antivirus Targeted by Malware

December 19th, 2006: As Windows XP gets more secure, hackers are increasingly turning to third party applications to probe holes for possible exploits.

Now it’s Symantec’s turn with its antivirus software exploited by the very code it is trying to eradicate.

Called “Big Yellow” by eEye Digital Security, the malware targets Symantec Antivirus Corporate Edition and exploits it via a flaw in the remote management interface, turning targets into zombies that can be remotely controlled and added to a botnet.

The worm is the second to target Symantec Antivirus this year, and while a fix for the flaw has been available for six months, many IT departments and users aren’t used to updating software for security fixes outside of Windows XP.

eEye warns that attacks using third party software will become more prevalent, and due to the inability of many IT departments to actively monitor exactly what applications are installed on computers across their networks, this form of vulnerability could become a serious problem for enterprises.

Comment on this story