Technology news and Jobs arrow Information Technology News arrow Malware purveyors attack Symantec security system with Big Yellow
Malware purveyors attack Symantec security system with Big Yellow E-mail
by Stan Beer   
Sunday, 17 December 2006
In what could be a trend toward attacking software other than Microsoft products, malware attackers have turned their attention on a vulnerability in Symantec anti-virus software. The exploit, discovered by security watchdog firm eEye Digital, has been dubbed Big Yellow and is now active with characteristics of both a worm and a botnet, according to the company.

Featured Whitepaper

5 Best Practices for Smartphone Support
This is the major vulnerability in Symantec enterprise security identified by eEye earlier this year. In May, an embarrassed Symantec acknowledged that there was a high impact vulnerability in its Symantec Client Security and Symantec AntiVirus Corporate Edition.

eEye says the Symantec exploit is currently propagating in the wild using Symantec’s popular anti-virus software. Big Yellow exploits a vulnerability in the remote management interface for versions of Symantec AntiVirus and Symantec Client Security, which could be remotely exploited by an anonymous attacker in order to execute  arbitrary code with SYSTEM privileges on an affected system, thus giving the attacker complete control.

According to eEye, Many IT departments are not prepared for attacks on non-Microsoft-based applications and have not yet deployed a patch available for this widely deployed anti-virus software.

An eEye spokesperson said the new class of malware presents a very potent problem for the enterprise.

“Given the rapid discovery of critical security vulnerabilities within desktop applications other than Microsoft,  the release of malware of this magnitude targeting non-Microsoft software was only a matter of time,” said Marc Maiffret, eEye’s founder and CTO.

“IT urgently needs to understand that the new vector for attack will not come from Microsoft, but from the myriad applications that are scattered throughout its network. From anti-virus to iTunes, these non-Microsoft desktop applications, many of which IT is not even aware of, will become the enterprise’s biggest point of vulnerability very, very quickly. We strongly recommend IT take two steps immediately. First, enterprises need to implement a vulnerability management program that includes more than just Microsoft applications. Second, enterprise IT should implement a comprehensive, integrated endpoint security product that delivers proactive protection from unknown and known threats.” {moscomment}

Tags See All Tags


Security  Software  Stan Beer 
Powered By Joomla Tags

Please enable JavaScript in your browser to post your comment!
 
< Next story in category   Previous story in the category >
iTWire user statistics Visitors last 30 days
 694,279
Subscribers 15,210
#1 independent technology news advertise here
  •   *  
  • Search
  • AdvSeach
  • Login
  • Events
  • FreeStuff

- Advertisement -

Featured Whitepapers

...More

Today on iTWireToday on iTWire

Latest news
Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

iTWire and you

Contact , Register , Links , About iTWire , Feedback , Post your jobs , Events , iTWire site map , Start Blogging , MyBlogLog page , Advertise with iTWire , Subscribe to SMS headlines , White Papers