Symantec Antivirus software flaw allows hackers to seize control of PCs without user interaction

“Symantec Corp.’s leading antivirus software, which protects some of the world’s largest corporations and U.S. government agencies, suffers from a flaw that lets hackers seize control of computers to steal sensitive data, delete files or implant malicious programs, researchers said Thursday,” Ted Bridis reports for The Associated Press.

“Symantec said it was investigating the issue but could not immediately corroborate the vulnerability. If confirmed, the threat to computer users would be severe because the security software is so widely used, and because no action is required by victims using the latest versions of Norton Antivirus to suffer a crippling attack over the Internet,” Bridis reports. “Symantec has boasted its antivirus products are installed on more than 200 million computers.”

“Researchers from eEye Digital Security Inc. of Aliso Viejo, Calif., discovered the vulnerability and provided evidence to Symantec engineers this week, said eEye’s chief hacking officer, Marc Maiffret. He demonstrated the attack for The Associated Press,” Bridis reports.

Full article here.

eEye Digital Security describes the Symantec flaw: “A remotely exploitable vulnerability exists within the Symantec Antivirus program. This flaw does not require any end user interaction for exploitation and can compromise affected systems, allowing for the execution of malicious code with SYSTEM level access. Severity: High.”

eEye Digital Security Advisory: http://www.eeye.com/html/research/upcoming/20060524.html

MacDailyNews Take: Some of the world’s largest corporations and U.S. government agencies wouldn’t be suffering today if they had picked the superior platform in the first place. They wanted cheap; they got it. As always, Mac users should not purchase Symantec (or McAfee) products. Do not patronize scare-mongering leeches that are in panic mode because Mafiasoft has decided to muscle in on their action.

Advertisements:
Amazon.com: Switching to the Mac: The Missing Manual, Tiger Edition by David Pogue
Introducing the super-fast, blogging, podcasting, do-everything-out-of-the-box MacBook.  Starting at just $1099
Get the new iMac with Intel Core Duo for as low as $31 A MONTH with Free shipping!
Get the MacBook Pro with Intel Core Duo for as low as $47 A MONTH with Free Shipping!
Apple’s new Mac mini. Intel Core, up to 4 times faster. Starting at just $599. Free shipping.
iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.

Related MacDailyNews articles:
Symantec sues Microsoft to halt Windows Vista development – May 19, 2006
Symantec CEO: We think more people ought to buy Apple Macs – May 15, 2006
Symantec CEO: We think more people ought to buy Apple Macs – May 15, 2006
Analyst: McAfee’s recent Apple Mac security report is ‘sloppy scaremongering’ – May 08, 2006
Unix expert: Mac OS X much more secure than Windows; recent Mac OS X security stories are media hype – May 03, 2006
Macs and viruses: the true story – May 02, 2006
Network World: Apple’s Mac OS X is significantly more secure than Windows – May 01, 2006
Anti-Mac FUD machine shifts into overdrive – May 01, 2006
FUD Alert: Viruses don’t catch up to the Mac – May 01, 2006
Microsoft: recovery from Windows malware becoming impossible; better to to wipe and rebuild – April 04, 2006
BusinessWeek: Apple should hire security czar to combat uninformed media FUD – March 09, 2006
Apple Mac remains ‘unhacked’ as University of Wisconsin’s Mac OS X Security Challenge ends – March 08, 2006
Spate of recent Mac security stories signal that Microsoft, others getting nervous – March 06, 2006
Apple Mac OS X clearly offers superior security over Microsoft Windows – March 02, 2006
Apple Mac OS X has a lot more vulnerabilities than Windows XP? – February 28, 2006
Enderle: Security vendors see Apple as next big opportunity – February 28, 2006
As Apple Mac grows in popularity, will security issues increase? – February 27, 2006
The Idiot’s Guide to Mac Viruses For Dummies 101 – February 24, 2006
Wired News: ‘Mac attack a load of crap’ – February 22, 2006
Report: Apple developing fix for automatic execution of shell scripts – February 21, 2006
Ars Technica: Fears over new Mac OS X ‘Leap-A’ trojan pointless – February 20, 2006
Atlanta Journal-Constitution asks: Is ‘Mac virus’ all just propaganda from Mac haters? – February 20, 2006
Patched in mid-2005 by Apple, Symantec warns ‘Inqtana-A’ worm could be ‘beginning of a trend’ – February 20, 2006
Mafiasoft: Microsoft to charge $50 per year for security service to protect Windows – February 07, 2006
eWeek: Intel transition a ‘security non-issue’ for Apple Mac – January 30, 2006
ZDNet Australia publishes latest Mac OS X security FUD article – January 26, 2006
IDC: Apple Mac 2005 U.S. market share 4% on 32% growth year over year – January 20, 2006
ZDNet Australia publishes latest Mac OS X security FUD article – September 09, 2005
Joke of the month: Gartner warns of Mac OS X ‘spyware infestation’ potential – March 30, 2005
Symantec warns about Mac OS X security threat – March 21, 2005

46 Comments

  1. “Symantec Antivirus software flaw allows hackers to seize control of PCs without user interaction”

    “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”

    Your move, Alberto Gonzales.

  2. “Symantec IS a virus.”

    I suspected that as well. So, I searched for a layout of their headquarters and I stumbled across a site map of their facilities.

    ” rel=”nofollow”>Here it is.

  3. LOL! – Nice, rasterbator!

    Turns out that Barney is secretly planning Symantec’s every move.

    Transcripts from a private investigator hired to track Symantec’s new wonder boy:

    Barney: Hello, my name is Barney Gumble, and I’m an alcoholic.
    Lisa: Mr Gumble, this is a girl scouts meeting.
    Barney: Is it, or is it you girls can’t admit that you have a problem?

    Barney: Hey, Homer, I’m worried about the beer supply. After this case, and the other case, there’s only one case left.

    Barney: 40 dollars!? This better be the best damn beer ever.. [drinks beer] You got lucky.

    Barney: Aaah! Natural light! Get it off me! Get it off me!

    Barney: Hey, can I throw up in your bathroom? I’ll buy something.

    Barney: Whoa, someone smells stinky! Oh, its me.

  4. Mac users should not purchase Symantec (or McAfee) products

    I totally agree, but I just came from a Apple Store and there is Symantec Norton AV widely displayed next to Mac’s!!!

    Totally unneeded and stupid of Apple to set software like that next to Mac’s much less even sell the garbage.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.