Anti-virus utility vendor Symantec doesn't know about any Java viruses yet but says it's ready for them when they eventually strike.
The maker of the Norton AntiVirus utility announced today that it has developed technology to detect Java viruses in preparation for the day when one or more start making the rounds on the Internet.
Why bother to protect against something that doesn't exist yet? Symantec officials say the announcement yesterday of the discovery of a new security hole in Java by Princeton University researchers means that a Java virus, while hard to write, could exploit those holes to directly attack files stored on a hard disk.
Sun is expected to offer a patch to the most recently reported problem today on its Web site, but the recurring discovery of Java security flaws makes the eventual creation of a virus likely, if not inevitable. And the anti-virus scanning technology could also be used in other kinds of applications that could root out Java applets designed by hackers to break into computers, said Carey Nachenberg, Symantec's chief architect in its security business unit.
Symantec is prepared to protect against two types of viruses: a simple one that modifies HTML pages as it moves around the Web and a more sneaky and dangerous one that can spread to other Java applets and replicate "parasitically." The company says it's ready to put the technology into the Norton AntiVirus utility at any time.
But Nachenberg says users don't have much to worry about. "Eventually Java will be a very, very safe and stable environmentt. Obviously there are issues with any executable code, but there's few enough people who know about these holes that it's not that much of a threat," he said. "We're just trying to stay ahead of the game."