According to warnings issued by the Secunia security company, Symantec's line of anti-virus software is vulnerable to attack and still there is no patch available for this flaw. All Symantec did was to release an advisory in which it described what was to be done in order to avoid being hacked.

Secunia labeled the vulnerability as "highly critical", while Symantec admitted the risk users are exposed to is "high". The problem is a bug in a shared library which can cause a heap overflow, that may afterwards allow an attacker execute additional code. What that means is that a vulnerable computer that is stricken by the bug could be completely compromised.

All editions of Symantec's Norton Internet Security and Norton AntiVirus, including AntiVirus for the Macintosh, are at risk, as are other products which include the affected library. Those include enterprise-specific lines such as AntiVirus Corporate Edition, Brightmail Anti-Spam, Client Security, and Gateway Security.

Symantec has not issued a patch for the vulnerability, but the DeepSight alert recommended that users disable scanning of RAR archive files.