14 DAY TRIAL // A highly critical vulnerability has been discovered in Symantec Mail Security, which may allow an attacker who manages to exploit it to compromise the affected system, Secunia wrote in a security notification rolled out today. The flaw exists in Symantec Mail Security for SMTP version 5.0.1 with Patch 187, but other versions might be affected as well. Symantec Mail Security is a technology powered by the Cupertino company, being supposed to protect the inboxes from all kinds of threats, including spam and other unsolicited messages. Today's flaw was rated as highly critical by Secunia, so we're still waiting for an official response from Symantec.
"The vulnerabilities are caused due to various errors within the third-party Lotus 1-2-3 file viewer and can be exploited to cause buffer overflows when a specially crafted file is checked. Successful exploitation allows execution of arbitrary code, but requires that e.g. a policy is setup for scanning the contents of messages", Secunia wrote in the advisory.
There's no patch available yet, but the only solution to avoid a successful exploitation of the vulnerability is to "disable scanning of message content if enabled", as Secunia added.
This isn't the first time when Symantec's products are affected by more or less critical vulnerabilities, although we all know the company's tools are pretty efficient when it comes to blocking threats. And these vulnerabilities are only good things, because it proves us that he company is still working on it, so better performance in expected anytime soon.
However, Symantec has always managed to patch the flaws in no time, so I believe there's no risk if you avoid dangerous content and apply Secunia's solution. In addition, you can always keep an eye on the security news in order to know if there's any patch available, or worse, if other vulnerabilities have been discovered.