Slashdot Mirror
Symantec AntiVirus Hole Found
Hotwater Mountain writes "eWeek has a story about a gaping security flaw in the latest versions of Symantec's anti-virus software suite that could put millions of users at risk of a debilitating worm attack. According to eEye Digital Security, the company that discovered the flaw, the vulnerability could be exploited by remote hackers to take complete control of the target machine 'without any user action.'"
Is it server-side or client-side? Is it push or pull?
If it affects the install on the clients, but needs to get access to them, I wave my paw and say "bah."
If, on the other hand, it can attack the server...
Well, then again, everything should be behind a firewall anyway, with only needed ports forwarded.
I mean that's just common sense...
if the answer isn't violence, neither is your silence / freedom of expression doesn't make it alright
OK that leaves about every question unanswered.
At least give us a little bit on how this vulnerability could be exploited other than: This flaw does not require any end user interactionThrow me a friggin bone here! I'm the user... Need the info...
I suppose the important part is they got the scoop!
Symantec hasn't actually ever made a good product. They BUY good products and then drive them into the ground. Ghost was just the last of the Norton suite of products that they got arround to breaking.
Actually as far as I can tell Symantec hasn't actually ever made a product at all. I'm sure they must have once, how else did they ever get the money to buy Norton in the first place (venture capital I guess), but every Symantec product I can think of was originally aquired from someone else.
I'd find it very hard to imagine a company that has done nothing but destroy every piece of intelectual property it aquires and continues to make money. Unfortunately I've seen it...
I've never seen a program cause as many problems as some of these name brand anti-virus programs.. they're worse than having the viruses!!! and they add extra complexity that gives attackers more possibilities for exploitation.
... I'm saying stuff that everybody already knew... but nobody cared enough to nuke that company for the good of the world.
Keep your patches up to date, or don't connect to the internet...
Don't open ANY freaking attachments, unless you expect it, and you know where it came from... or don't connect to the network.
My mom's computer has their security suite? set up on it... it basically just nags her when programs try to do anything... it's nice that it warns about Real Player's nasties... but we all know to unistall that basterd and just use the codec...
Please use [ informative / summarizing ] SUBJECT LINES
Flame me here
Why? AOL's been doing it for YEARS. Remember ICQ? Winamp? Need I say more?
Well, in our case we tried hard to replace symantec's enterprise av, but nothing could fit our network as well. The main selling point is that the SAV console works for us. We have 100s of sites across the country on every imaginable type of connection, and each and every other AV "enterprise" suite fell on its face -- except Symantec's. We really, REALLY, wanted trendmicro's officescan product to work. It is, by far (IMO), one of the best admin-centric AV tools out there, but it, too, could not handle our disparate network.
There's more to AV than your home computer. Managing 1000s of machines across the country takes more than the tinyest AV program you can stick on one computer. Our needs are first and foremost having an AV install on each system, with good virus defs, and that we can actually manage remotely. SAV is still the best for that in our opinion....
"All great things are simple & expressed in a single word: freedom, justice, honor, duty, mercy, hope." --Churchill