|
Worm hits via antivirus program
18/12/2006 11:15 - (SA)
Riva Richmond
New York - A worm is attacking personal computers via a known flaw in popular antivirus software from Symantec Corp, as hackers make the unusual move of using a non-Microsoft product to infiltrate PCs.
EEye Digital Security, an Aliso Viejo, California, vulnerability-management company, said it discovered the worm, which it dubbed "Big Yellow", late on Thursday in its "honeypot", a network for collecting malicious programs. A Symantec spokesperson wasn't immediately available for comment.
Big Yellow enters machines through a security hole in the remote management interface of versions of Symantec AntiVirus and Symantec Client Security to take complete control of the computer.
Once infected with the worm's malicious "bot" program, the PC can be networked by an attacker with other computers in a "botnet" and used to attack others on the internet.
EEye urged corporate information-technology departments to fix the flaw, which eEye discovered in late May, using a patch issued by Symantec at that time. It also said network operators should take steps to deploy overdue security patches for other non-Microsoft applications.
"Many IT departments have not yet deployed this patch, as heretofore they have not considered their desktop security applications as a point of vulnerability," eEye said in a press release.
"IT urgently needs to understand that the new vector for attack will not come from Microsoft, but from the myriad applications that are scattered throughout its network."
|
