GoFuckYourself.com - Adult Webmaster Forum - View Single Post - Symantec Says Its Own AV Product Has Zero-Day Vulnerability

minusonebit · 05-26-2006, 09:24 PM

Symantec Says Its Own AV Product Has Zero-Day Vulnerability

The security vendor says its enterprise anti-virus product line has an unpatched, "zero-day" vulnerability that can be used by attackers to hijack systems.

By Gregg Keizer
TechWeb.com

May 26, 2006 03:59 PM

Symantec acknowledged on Friday that its enterprise anti-virus product line has an unpatched, "zero-day" vulnerability that can be used by attackers to hijack systems.

"Symantec Antivirus is susceptible to a remote code-execution vulnerability. This issue allows remote attackers to execute arbitrary code with SYSTEM-level privileges, facilitating the complete compromise of affected computers," the company said in an alert Friday to customers of its own DeepSight Threat Management System.

Thursday, security vendor eEye Digital released a preliminary alert that said Symantec AntiVirus 10.x and Symantec Client Security 3.x included a remotely-exploitable vulnerability that could be attacked via a network-style worm which wouldn't require any user interaction to compromise a computer.

More: http://www.informationweek.com/indus...leID=188500744

Now this is just fucking funny. Even your virus scanner is out to get you these days. Good god.

05-26-2006, 09:24 PM
minusonebit So Fucking Banned Join Date: Feb 2006 Location: [email protected] Posts: 7,391	Symantec Says Its Own AV Product Has Zero-Day Vulnerability Symantec Says Its Own AV Product Has Zero-Day Vulnerability The security vendor says its enterprise anti-virus product line has an unpatched, "zero-day" vulnerability that can be used by attackers to hijack systems. By Gregg Keizer TechWeb.com May 26, 2006 03:59 PM Symantec acknowledged on Friday that its enterprise anti-virus product line has an unpatched, "zero-day" vulnerability that can be used by attackers to hijack systems. "Symantec Antivirus is susceptible to a remote code-execution vulnerability. This issue allows remote attackers to execute arbitrary code with SYSTEM-level privileges, facilitating the complete compromise of affected computers," the company said in an alert Friday to customers of its own DeepSight Threat Management System. Thursday, security vendor eEye Digital released a preliminary alert that said Symantec AntiVirus 10.x and Symantec Client Security 3.x included a remotely-exploitable vulnerability that could be attacked via a network-style worm which wouldn't require any user interaction to compromise a computer. More: http://www.informationweek.com/indus...leID=188500744 Now this is just fucking funny. Even your virus scanner is out to get you these days. Good god.