Symantec/Norton: vulnerable or not?
A story released yesterday is claiming that the popular Norton security products for PC’s has a “gaping security flaw” that could permit hackers to exploit millions of user systems worldwide:
A gaping security flaw in the latest versions of Symantec’s anti-virus software suite could put millions of users at risk of a debilitating worm attack, Internet security experts warned May 25.
Researchers at eEye Digital Security, the company that discovered the flaw, said it could be exploited by remote hackers to take complete control of the target machine “without any user action.”
“This is definitely wormable. Once exploited, you get a command shell that gives you complete access to the machine. You can remove, edit or destroy files at will,” said eEye Digital Security spokesperson Mike Puterbaugh.
“We have confirmed that an attacker can execute code without the user clicking or opening anything,” Puterbaugh said.
eEye, based in Aliso Viejo, Calif., posted a brief advisory to raise the alarm about the bug, which can allow the execution of malicious code with system-level access.
The flaw carries a “high risk” rating because of the potential for serious damage, Puterbaugh said.
Symantec, of Cupertino, Calif., confirmed receipt of eEye’s warning and said an investigation was underway.
Pretty serious stuff. But Symantec’s response?
Overview
Symantec was notified about a potential remotely exploitable vulnerability affecting Symantec AntiVirus Corporate Edition 10.x.Norton products do not contain the code affected by this potential vulnerability, and none of the Norton products are affected by this issue.
Symantec Response
Symantec product teams are currently investigating this report. If necessary, we will provide updates for all currently supported products to resolve this issue.This advisory will be updated as additional information becomes available.
So, which is it? Is there a “gaping security flaw” in Norton or do those products “not contain the code affected by this potential vulnerability“? And if that’s the case, what’s the Symantec investigation investigating?
Someone’s either covering up or hyping up. The question of which it is will tell us who it is.
