Symantec shows how to patch a hole
By Stan Beer
Wednesday, 31 May 2006 15:16
Symantec admitted last week that a stack overflow discovered in two of its anti-virus products could potentially allow a remote or local attacker to execute code on an affected machine. The two products were Symantec Client Security 3.0 and 3.1 and Symantec Antivirus Corporate Edition 10.0 and 10.1. However, Symantec's flagship Norton Antivirus products did not have the flaw, which was fixed last Sunday in the two affected product lines.
The vulnerability was discovered by security firm eEye Digital Security, which provided the evidence to Symantec. To its credit, Symantec immediately investigated, publicly acknowledged the flaw and fixed it at breakneck speed.
While such a flaw in an anti-virus product could be seen as an embarrassment to a company like Symantec, which is the anti-virus market leader, it has been able to turn the incident into an opportunity to demonstrate its prowess in the security space.
At present, Symantec is pulling out all the stops to prove a clear superiority over Microsoft in all things related to IT security. Now that Microsoft has entered the PC anti-virus market with Windows Live OneCare, Symantec's viability as an anti-virus vendor is under threat. The fact that Symantec was able to patch a hole in its own product within days contrasts with some of Microsoft's tardy efforts in the past. However, it must be said that Windows is a product orders of magnitude more complex than anything in Symantec's product range.






