Symantec has issued a patch for a flaw in its scanning software that could cause the software to run a virus rather than catch it.
The vulnerability affects an antivirus library used by the majority of Symantec's antivirus and antispam products, including Norton SystemWorks 2004 and Symantec Mail Security for Exchange, the security provider said on Tuesday.
The software is aimed at a range of systems, from consumer desktops to large corporate mail servers, meaning the flaw could be used to take control of key corporate systems or to install programs to grab people's identity data.
"The impact of this vulnerability is exaggerated by the fact that many e-mail and other traffic routing gateways make use of file-scanning utilities that make use of the vulnerable library," Symantec said in an advisory. "This could allow an attacker to potentially exploit high-profile systems used to filter malicious data, and potentially allow further compromise of targeted internal networks."
Computers are at risk if they run an unpatched version of a Symantec product that scans files to detect malicious code and if they use the Microsoft Windows, Mac OS X, Linux, Solaris or AIX operating system, Symantec said.
Security information company Secunia, which rates the seriousness of software vulnerabilities, gave the Symantec flaw its second-highest threat grade, "highly critical."
Symantec is distributing patches to its customers through its LiveUpdate automatic update service and other mechanisms. It warned companies that do not use those services to download the patches from its Web site and apply them as soon as possible.
Symantec declined to comment on the vulnerability, and Internet Security Systems could not immediately provide a spokesperson to address the issue.
The announcement of the flaw happened the same day that Microsoft released a dozen patches to fix holes in its Windows operating system and other applications. Microsoft also announced it intended to buy security company Sybari, which would put the software giant in direct competition with Symantec.
Other products that use the Symantec antivirus scanning library include Symantec's Brightmail antispam software and Symantec Web Security.