p2pnet - rss feed: Symantec ‘Big Yellow’ e-bug
p2pnet.net News:- A significant "new class of malware" with both worm and botnet characteristics is spreading in the wild using Symantec anti-virus software, says eEye Digital Security, calling the malware Big Yellow.
It, "exploits a vulnerability in the remote management interface for versions of Symantec AntiVirus and Symantec Client Security, which could be remotely exploited by an anonymous attacker in order to execute arbitrary code with SYSTEM privileges on an affected system, thus giving the attacker complete control," says eEye.
"Many IT departments are not prepared for attacks on non-Microsoft-based applications and have not yet deployed the patch available for this widely deployed anti-virus software (available here: http://www.symantec.com/avcenter/security/Content/2006.05.25.html)."
The company says it discovered the vulnerability in late May 2006 and worked with Symantec to create a patch at that time.
"However, many IT departments have not yet deployed this patch, as heretofore they have not considered their desktop security applications as a point of vulnerability," it says.
If your Net access is blocked by government restrictions, try Psiphon from the Citizen Lab at the University of Toronto’s Munk Centre for International Studies. Go here for the official download, here for the p2pnet download, and here for details. And if you’re Chinese and you’re looking for a way to access independent Internet news sources, try Freegate, the DIT program written to help Chinese citizens circumvent web site blocking outside of China. Download it here.
Also See:
eEye Digital Security - eEye Digital Security Discovers ‘Big Yellow’, December 15, 2006
p2pnet newsfeeds for your site | | rss feed: http://p2pnet.net/p2p.rss | | Mobile - http://p2pnet.net/index-wml.php
