Symantec patches anti-virus vulnerability

By Derek Sooman on
Symantec has posted a fix for a vulnerability in their Antivirus Corporate Edition and Client Security products that could have allowed remote users to launch worm attacks. The issues of remote code execution have been resolved now, thanks to the fix which means that the products are no longer vulnerable to a stack overflow. The flaw, which doesn't require any user interaction in order to be exploited, was pretty serious as it impacted enterprise-level customers. A worm crafted to take advantage of the exploit could have had a disastrous impact, particularly on large companies that use the affected software. The flaw was discovered by digital security firm the eEye, who rated the flaw as highly severe.

"As a trend, we are seeing the complexity of software increase and as a result the existence of vulnerabilities is pretty prevalent at the application layer," the eEye spokesperson said. "Anytime you have complex software there are going to be vulnerabilities."

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.