Symantec Admits to Serious Hole in its Antivirus Software

Jack Writes:Researchers at eEye Digital Security have discovered a serious flaw in Symantec Corp.’s antivirus software that could put millions of computers at risk of a crippling worm attack.

The vulnerability in Symantec’s business security software means an attacker could create a worm capable of taking over a user’s computer and destroying programs and files. The threat has been given a “high” rating because a malicious hacker could exploit the flaw to get on a user’s PC to edit, remove and delete programs and files.

"This could potentially result in an Internet worm," eEye spokesman Mike Puterbaugh told Reuters. "It is a flaw that can be triggered from another location and provides the attacker with system-level access."

An Internet worm is a computer virus that spreads by distributing copies over a network. Most of today’s viruses are worms because almost all computers are linked on a network. This particular hole in Symantec’s software is especially dangerous because a user’s computer can be hijacked even if the user does nothing (like click on a link).

In a published statement, Symantec confirmed eEye’s findings were correct. It said there was indeed a problem with its Client Security 3.1 and Antivirus Corporate Edition 10.1 software, but said the flaw does not affect its widely popular Norton consumer branded products.

"Fixes have been identified for all affected products and work on these fixes is ongoing," the company said in a statement. "To date, Symantec has not had any reports of any related exploits of this vulnerability."

The news comes at the same time experts are warning about heightened activity among cyber criminals who are increasingly interested in breaking into PCs for financial gain rather than simply crashing others’ systems.