Symantec’s Anti-Virus Software Has An Exploitable Hole

'eEye Digital Security', on December 15 2006, announced its discovery of "Big Yellow", a malware not related to Microsoft, that has both 'worm' and 'botnet' features and is now traversing in the wild using a popular anti-virus software of security vendor Symantec. eEye Digital leads in developing 'endpoint security and vulnerability management software programs' as well as is the security industry's most important contributor to 'security research and education'.

This popular anti-virus software of Symantec has a security hole dubbed as "Big Yellow". The exploit manipulates a component within the 'remote management interfaces' of both 'Symantec Anti-Virus' and 'Symantec Client Security'.
Researchers first found the worm on December 14, 2006 on Symantec's 'honeypot' network, a system specifically meant to detect new attacks. An autonomous attacker could exploit the issue and execute arbitrary code to gain complete command of an affected system.

Marc Maiffrett, eEye's CTO, claims the 'Big Yellow' to be the first most automated threat. He said the worm appearing to be of Chinese origin has already attacked many systems all over the world. He added in the light of so many 'critical security vulnerabilities' within other desktop applications different from Microsoft, the release of this latest malware targeting non-Microsoft software was only sure to arrive.

Maiffrett continued by highlighting the need for IT administrators to be better equipped to fight against attacks from any direction. Current attacks increasingly aim at software produced by companies other that Microsoft.
eEye recommends taking two urgent steps. First, enterprises need to enforce a 'vulnerability management program' that handles more than just Microsoft applications. Secondly, IT units of enterprises to get results should deploy a 'coherent integrated endpoint security product' that provides proactive protection against known and unknown threats.

According to Maiffrett, attacks on non-Microsoft applications would become commonplace in the future since information technology professionals are not aware of their existence.

Marc Maiffrett is convinced that 2007 will face a vulnerability explosion and exploits against security firms like Symantec and other non-Windows vendors like Apple. The 'non-Microsoft desktop applications', many of which IT professionals do not know even, are likely to become enterprises' biggest vulnerability point very soon.

Related article: Sentence for American Contractor for Sabotaging Government Navy Computers

» SPAMfighter News - 12/21/2006