Mobile

Flaw found in Symantec antivirus app

Flaw found in Symantec antivirus app

Researchers at eEye Security, the people who discovered the Code Red worm a few years ago, have reported a flaw that could expose millions of corporate systems to a worm attack. Vulnerable are version 10 and greater of Symantec's enterprise antivirus software; according to eEye, Norton consumer editions are not vulnerable. Few details have been released pending a thorough review by Symantec, but researchers do say that this flaw, which allows privilege escalation, could allow the execution of malicious code. No patch is available at this time. Last year, researcher Alex Wheeler started reporting flaws found within antivirus apps, and I expect more flaws to be found within trusted security products in the future.