Home / Symantec confirms high-risk corporate AV flaw

Symantec confirms high-risk corporate AV flaw

Researchers have exposed a flaw in Symantec’s corporate anti-virus software, which could allow hackers to gain control of an affected computer.

Researchers have exposed a flaw in Symantec’s corporate anti-virus software, which could allow hackers to gain control of an affected computer.

Symantec has now confirmed the existence of the vulnerability on its website, but has yet to release a patch to secure the affected versions. Its website is currently offering detection tools to help organisations detect attempts to exploit the flaw, although at this stage no exploits are known to exist.

The flaw – a stack overflow in Symantec Client Security version 3.0 and above and Symantec AntiVirus Corporate Edition version 10.0 and above – was discovered by researchers at eEye Digital Security on May 24. Symantec released a statement the following day, and confirmed the vulnerability on May 26.

Under the details section of its statement, the anti-virus firm said: “Symantec was notified that Symantec Client Security and Symantec AntiVirus Corporate Edition are susceptible to a potential stack overflow. Exploiting this overflow successfully could potentially cause a system crash, or allow a remote or local attacker to execute arbitrary code with System level rights on the affected system.”

Kevin Isaac, regional director for the Middle East and North Africa at Symantec, said he had no comment to make on the specific situation, other than what was contained in the firm’s statement on the web.

“We have always advocated a defence in depth strategy, meaning anti-virus is never enough. You’ve got to have your firewall, you’ve got to have your intrusion detection on all your devices, even on your desktop devices. For example, Symantec issued an update which blocked this vulnerability using the firewall and the intrusion detection in Symantec Client Security immediately,” said Isaac.

“The defence in depth strategy has always worked very well in the situation where one specific technology has been found wanting and is being resolved.”

The flaw does not affect consumer versions of Symantec’s anti-virus and security software, such as its Norton range of products.

Symantec has recently been bullish about its ability to compete with Microsoft on the security front, following the Redmond software giant’s move to integrate security products with its delayed Windows Vista operating system.

“We know more about security than they [Microsoft] ever will,” Symantec CEO John Thompson said at an event earlier this month.

Two weeks ago Symantec launched a lawsuit against MS, alleging the firm had misappropriated storage technology from Veritas, a company Symantec bought last year.

More information is available from the Symantec website here.

Follow us to get the most comprehensive technology news in UAE delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.