This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
A stack overflow in several products, including its anti-virus family, was fully patched as of Sunday, according to an updated advisory on Symantec's Web site.
Symantec finished patching its buggy anti-virus line Sunday, just days after another security vendor said that machines running Symantec's enterprise products could be easily hijacked.
A stack overflow in the Cupertino, Calif. security company's Client Security 3.0 and 3.1, and its AntiVirus Corporate Edition 10.0 and 10.1, were fully patched as of Sunday, according to an updated advisory on Symantec's Web site. The fixes must be downloaded and installed manually.
Early Friday, Symantec confirmed that the two corporate anti-virus titles were flawed, and said it was working on a fix. Later that day, the company posted signature updates to its intrusion prevention system (IPS) appliances to protect those customers with the hardware on their networks.
The bug was discovered by Aliso Viejo, Calif.-based eEye Digital Security, which on Wednesday disclosed the vulnerability. eEye rated it as a "high" threat because it could be exploited by a worm that didn't require any user interaction.
As expected, Symantec's patch job was remarkably quick. Last week, eEye Digital spokesman Mike Puterbaugh said he was counting on Symantec to fix the flaw fast. "Symantec will fix this fairly quickly," said Puterbaugh. "Certainly a lot faster than the 140+ day average it takes Microsoft to fix a vulnerability."
Symantec's consumer-grade anti-virus family, which is sold under the Norton nameplate, was not vulnerable to the bug.
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2020 State of DevOps ReportDownload this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
IT Automation Transforms Network ManagementIn this special report we will examine the layers of automation and orchestration in IT operations, and how they can provide high availability and greater scale for modern applications and business demands.