This just in from
InformationWeek:
Symantec's line of anti-virus software is vulnerable to attack, a prominent security researcher revealed Tuesday. The bug is currently unpatched, although Symantec has issued an advisory.
The vulnerability, which was discovered and reported by Alex Wheeler, is in how Symantec's AntiVirus Library, part of all the Cupertino, Calif.-based security giant's anti-virus products, handles RAR compressed files. RAR files are created by the WinRAR compression utility, developed and sold by RarLabs.
The bug, labelled as "Highly critical" by Danish vulnerability tracker Secunia and "High" by Symantec itself, can cause a heap overflow, which then may let an attacker execute additional code. Bottom-line: the bug could result in a completely compromised machine.
Despite the irony of Symantec's program being a compromising liability on your computer, I'll refrain from much joking. If you're using the software, just a helpful reminder to temporarily disable it until patched and instead pick up one of the other virus scanners on a trial basis.
For those who would like to discuss the issue (or chuckle at how the software to keep your computer free from viruses actually enables you to get viruses), feel free to slip past our firewalls and
leave a post in our forums.
Want to comment? Please log in.