Friday, May 26, 2006

Symantec AV Flaw

Wow, hot on the heels of my last post regarding antivirus options, there comes this news regarding Symantec Antivirus:

A new vulnerability has been discovered by security firm eEye Digital Security in Symantec Antivirus 10.x and Client Security 3.x that could allow for remote code execution. This does not appear to affect the consumer versions of Symantec's products.

The vulnerability report:
http://www.eeye.com/html/research/upcoming/20060524.html

Other news articles on the subject:
http://www.eweek.com/article2/0,1895,1967941,00.asp

http://www.cnn.com/2006/TECH/internet/05/25/antivirus.flaw.ap/index.html?section=cnn_topstories

Note that this is only a preliminary report from eEye, and Symantec should be given the opportunity to respond accordingly.

While a vulnerability in a security product can be a scary thing, this shouldn't be too much concern for anyone who has implemented a reasonable amount of layered security, such as a firewall restricting port access to all systems, whether public-facing or not.

0 Comments:

Post a Comment

Links to this post:

Create a Link

<< Home