14 DAY TRIAL // Symantec has warned its customers to patch or upgrade their security products because of a recently discovered vulnerability that could actually cause a virus to run, rather than catch it.
The vulnerability affects an antivirus library used by the majority of Symantec's antivirus and antispam products, including Norton System Works 2004 and Symantec Mail Security for Exchange, the security provider announced. These programs are designed for a wide range of systems, from consumer desktops to large corporate mail servers.
Computers are at risk if they run an unpatched version of a Symantec product that scans files to detect malicious code and if they use the Microsoft Windows, Mac OS X, Linux, Solaris and AIX operating systems, Symantec said.
Security company Secunia, which rates the threat level of software vulnerabilities, gave the Symantec flaw its second-highest threat grade, "highly critical."
The problem exists in how the scanning code handles a compression format known as the Ultimate Packer for eXecutables (UPX).
A hacker could write a virus designed to exploit this flaw and send it by email to victims or maybe host it on a website and have the users visit that page. An unpatched Symantec scanner checking incoming e-mail or the Web pages that users browse would run the program instead of catching the virus.
Symantec is distributing patches to its customers through its LiveUpdate automatic update service and other mechanisms. The company's priority is to ensure all of its customers either install a patch to plug the hole or upgrade to the latest version.