Tuesday, January 16, 2007

Symantec Corporate on your Network? Read on...

Persistent zombie attacks target Symantec corporate software

[CGT NOTE: Software does not auto-update to correct the flaw.]

Worm attacks are hitting users of the company's corporate antivirus software; its Norton consumer software is not affected.

Symantec first dismissed the threat, but worm attacks that exploit a known security hole in the company's corporate antivirus tool are proving to be persistent.

The attacks target computers running older versions of Symantec Client Security and Symantec AntiVirus Corporate Edition. Compromised systems are turned into remotely controlled zombies by the attacker and used to relay spam and other nefarious activities. Symantec's Norton consumer software is not affected.

"What we have been seeing in December and in the last week and a half is related to new variants of Spybot," Vincent Weafer, senior director of Symantec Security Response, said Tuesday. "We had a couple of versions of Spybot that went nowhere, but these ones found a way to propagate more effectively."

Read on for full article.