ELECTION 2010 Election 2010 Free Daily IT Newsletter
PDFPrintE-mail

Symantec shows how to patch a hole

Business IT - Security

In a masterful demonstration of security patchwork, security vendor Symantec demonstrated to the world how to fix a vulnerability in a piece of software, successfully plugging a gaping hole in its own anti-virus software in just five days.

Symantec admitted last week that a stack overflow discovered in two of its anti-virus products could potentially allow a remote or local attacker to execute code on an affected machine. The two products were Symantec Client Security 3.0 and 3.1 and Symantec Antivirus Corporate Edition 10.0 and 10.1. However, Symantec's flagship Norton Antivirus products did not have the flaw, which was fixed last Sunday in the two affected product lines.

The vulnerability was discovered by security firm eEye Digital Security which provided the evidence to Symantec. To its credit, Symantec immediately investigated, publicly acknowledged the flaw and fixed it at break-neck speed.

While such a flaw in an anti-virus product could be seen as an embarrassment to a company like Symantec, which is the anti-virus market leader, it has been able to turn the incident into an opportunity to demonstrate its prowess in the security space.

At present, Symantec is pulling out all stops to prove a clear superiority over Microsoft in all things related to IT security. Now that Microsoft has entered the PC anti-virus market with Windows Live OneCare, Symantec's viability as an anti-virus vendor is under threat. The fact that Symantec was able to patch a hole in its own product within days contrasts to some of Microsoft's tardy efforts in the past. However, it must be said that Windows is a product orders of magnitude more complex than anything in Symantec's product range.

SPONSORED ANNOUNCEMENTS

AVG Threat Labs to Provide Innovative, Free Detection Tools to Internet Community

Friday, 03 Sep 2010

AVG Technologies, developers of the world’s most popular free anti-virus software, today announced a limited public beta test of its new online tool, AVG Threat Labs. Designed to help consumers combat criminal elements on the Web, Threat Labs is an innovative online information portal that merges the quantitative Web threat detection data that AVG routinely collects from its almost 100 million users with data from AVG’s LinkScanner technology.


Editors Picks

Stories you may have missed 

Our Services for Technology Professionals

E - mail News SMS Headlines Desktop Alerts News Feeds Job Alerts Technology Events Press-Releases