New Worm Attacks Through Symantec Antivirus App

By NewsFactor Network | December 18, 2006

A new worm is making the rounds, attacking some business computers through a known — and already patched — flaw in a popular antivirus software suite from security firm Symantec.

The worm, called “Big Yellow” and discovered initially by eEye Digital Security, zaps vulnerable computers with malicious code and turns them into remote-controlled zombie machines capable of wreaking all sorts of havoc at the behest of the hackers responsible for creating the worm.

Big Yellow exploits a vulnerability in the remote-management interface for Symantec AntiVirus and Symantec Client Security software packages.

Marc Maiffret, eEye’s founder and CTO, said that the threat appears to be widespread and that eEye is tracking a server used by the worm to download part of its malicious payload. That server has pushed data out to more than 60,000 PCs already, according to eEye’s data.

Old Vulnerability

Although eEye discovered and reported this vulnerability in May 2006 and worked with Symantec to create a patch at that time, many I.T. departments have not yet deployed the fix, Maiffret said. “Given the rapid discovery of critical security vulnerabilities within desktop applications other than Microsoft, the release of malware of this magnitude targeting non-Microsoft software was only a matter of time,” noted Maiffret.

Maiffret also said users need to realize that attacks not only target Microsoft software but also the myriad applications that are scattered throughout a corporate network, from antivirus software to media applications. These non-Microsoft desktop applications, many of which are not even approved by I.T. departments, will become the enterprise’s biggest point of vulnerability, according to Maiffret.

However, Natalie Lambert, an analyst with Forrester Research, said that while the flaw is potentially fatal to some systems, the fact that a fix for the hole was first pushed out by Symantec last May means diligent users can stop the worm in its…

Topics: Tech News |

« Samsung’s YP-T9, now with 8GB of tasty flash | Main | Yahoo : No Click Fraud, But Plenty of Goodwill »

Comments

Name (required)

Mail (will not be published) (required)

Website

Similar Posts

Rinbot Virus Rises, Hits Media Giant
Microsoft Warns of New Excel Vulnerability
New Year Worm Makes the Rounds
Symantec Intros Vista Security Software
Hackers Actively Exploit New Microsoft Word Flaw
Symantec Launches All-in-One Security App
Microsoft Rolls Out New Round of Patches
Microsoft Confirms New Word Vulnerability
Microsoft Warns of New Word Attack
Microsoft Downplays Vista Speech-Recognition Hack
Google Shuts Hole in Desktop Search
Microsoft’s OneCare Finishes Last in Antivirus Test
Patch Tuesday Security Updates Nixed
Will Vista Security Make a Difference?
Storm Worm Rears Its Ugly Head
Is Windows Vista Immune to Malware?
Microsoft Issues Updated Excel Patches
Millions Vulnerable to New Hack Attack
Microsoft Looks Beyond Vista Bugs
Microsoft Joins the OpenAjax Alliance