Computer worm attacks PCs through antivirus software
By Idlewild
@Idlewild (6090)
United States
December 16, 2006 4:56pm CST
A computer worm has attacked some business PCs through a flaw in Symantec's antivirus software, according to a report released Friday by a security company.
The "Big Yellow" worn began attacking some computer systems on Thursday, and so far three reports of the worm's occurrence in companies have been made.
According to the security company, the worm enters machines through a security hole in the corporate version of Symantec's antivirus software.
5 people like this
57 responses
@brokentia (10389)
• United States
17 Dec 06
A security hole? Well, I thought an anti-virus is a program that is not supposed to have a sercurity hole. What is the point then?
I know there are new virus created at the time. And the anti-virus programs are continuously run updates to ensure protection. But what does it say about a program that has a whole? Just exact who would know of this whole? Someone that knows the ins and outs of computers, who want to find a way to personal information? Wow! That person could have an amazing job! Or could it be the company its self attacking their own with the thought of selling a more expensive program?
I guess I am too naive to understand why people create viruses that have the capacity to turn your computer into an oversized paper weight. How is that fun? Are there people that actually do this for entertainment? This is something I don't think I will understand.
But it sounds like one need to have mutliple anti-virus programs to protect one's computer....only problem is, I have never been able to install another if I already had another on my computer.
2 people like this
@Idlewild (6090)
• United States
17 Dec 06
According to the article I read, the security company identified the flaw back in May, and told Symantec about it. Symante issued a patch, but it was up to each company to apply the update. I would hope that they notified their customers with a loud warning with flashing lights and sirens, because as you say, antivirus programs with holes in them are pretty suspect!
2 people like this
@freetrade (3)
• Canada
17 Dec 06
oh no i got the same antivirus, i think i should start doing something maybe change the antivirus so any suggestions about the best antivirus softwares?
@kgwat70 (13388)
• United States
17 Dec 06
This is very interesting to hear since my ocmpany uses Norton at work on the students computers. Sometimes the computers act very strangely so maybe that has something to do with this worm you had mentioned. Thank you for informing us of this information. My computer at work has McAfee but it makes you wonder if there are holes with the other software that is out there.
1 person likes this
@mansha (6298)
• India
17 Dec 06
whats up there is the worm attacking only buisness companies or the individuals are also at risk.What is this whole issue of hole and where can you get the link for finding more about it on web.Do tell us please.
@Idlewild (6090)
• United States
17 Dec 06
Supposedly companies that use Symantec were notified about the threat and the patch, if a company's IT staff are attentive to such things they presumably would have applied the patch and there would be no problem.
The article didn't say who the 3 affected parties were and whether or not they applied the patch.
1 person likes this
@brightsea (141)
• India
17 Dec 06
The same thing happend to my computer 3 years back. I used Norton and my computer got filled with viruses and trojans. 206 trojans!!! It became so bad that the computer was on the verge of crashing an the best part was that Norton said that the computer was free of viruses, worms etc.
@brightsea (141)
• India
22 Dec 06
LOL!!!
NASA will flip when they find out if a ordinary person's computer was hacked and not a person in their agency. :D
@shemb1 (464)
• Sri Lanka
17 Dec 06
Ohhh God it is massive Attact I guess. But I guess this warm camr from not in small hole it should came in pc that no protection at all. May be users didnt protect PC from firewall and it's updation. So it was misatke from the users who using that computer. But I think that warm killed almost big security system. And I suggest to use Macafee secirity center and it's all features. So your computer will protect from what ever, But you should have to update that firewall by daily, that must be do daily.
1 person likes this
@Idlewild (6090)
• United States
17 Dec 06
Doesn't sound massive at all, just three reports, and these came months after the hole was reported and the patch was issued by Symantec. So these three instances may have just been at firms that were careless and didn't install the patch.
1 person likes this
@valerie5142000 (24)
• Philippines
17 Dec 06
I hope i dont get the virus on my pc. what would be the best solution to this problem although it can attack even if their's an antivirus on the computer yet?
@Idlewild (6090)
• United States
17 Dec 06
It only happened on computers that were in businesses, running the professional version of Symantec's software. So if you're concerned about your personal PC, it should be fine.
But you should definitely install any patches the antivirus company issues when they tell you to.
@coolme_kiran (992)
• India
17 Dec 06
every system has a flaw and loophole waiting to be exploited.in this internet age nothing is safe.even if methods are found to curb these kind of worms,newer ones will crop up.
1 person likes this
@vinaykiran28 (5149)
• India
17 Dec 06
a worm through antiviurs software? i think we need to be more careful now
@ladygator (3465)
• United States
17 Dec 06
wow, I hope that I can keep that Big yellow worm out of my computer hole, LOL
1 person likes this
@arunk7319 (1281)
• India
17 Dec 06
This is the first time Iam hearing. Symantec is supposed to the be the leading Anti-Virus provider in the world. How there can be breach in the Security software.
Is this proven.
@Idlewild (6090)
• United States
17 Dec 06
It's only in the business or professional version. Symantec issued a patch and told its customers, but it's up to the customers to apply the patch. The article didn't say whether the companies that got the worm installed the patch, but I'm guessing they may not have.
Similar to when Microsoft notices a hole and issues a warning and a patch but customers don't use it and they get affected.
But yes, for a security company to be have this hole in their software in the first place is embarassing!
1 person likes this
@nebulla (127)
• India
17 Dec 06
Stay on top of internet security trends. The Symantec Security Response Weblog has been created to provide a forum for the team to share ideas and commentary on emerging issues and trends. SO you can discuss the virus and worms online. Even microsift has its limitations
Another ride on the monthly Microsoft patch train. We’ve got quite a few stops this month and most are client-side vulnerabilities, meaning that an end user has to take specific actions (typically by obtaining and then opening hostile content). Unless otherwise stated, the privilege granted to the attacker for all of the below vulnerabilities is the privilege level of the victim user. Most were publicly disclosed for the first time today, but the exceptions are noted. They are listed below in the order of most to least critical for the fabled “typical” network.
@Idlewild (6090)
• United States
17 Dec 06
If a company's IT staff is up on things, with any luck they got the news from Symantec and applied the patch some time ago. Though with all the threats and updates out there, the staff would have to be ultra vigilant--but then if they aren't, they shouldn' tbe working in IT I guess.
1 person likes this
@cooldude8889 (2609)
• Singapore
17 Dec 06
wow..it's norton dude.Who would have thought norton antivirus would also have security flaws?Have they solve the problem yet?
@Idlewild (6090)
• United States
17 Dec 06
According to the article I read, the security company identified the flaw back in May, and told Symantec about it. Symantec issued a patch, but it was up to each company to apply the update. The three companies may have not applied the patch.
And it's only the professional verison.
@shineison (874)
• Uganda
17 Dec 06
i dont know how it happens But I know that Mc afee is better then other antivirus softwares. i dont say that all antivirus softwares are good.
@Idlewild (6090)
• United States
17 Dec 06
I guess modern software is so complex and has so many millions of lines of code that it's hard too plug up all the holes. Symantec did give out a patch, but it was up to the customers to install it. Maybe the companies that got affected didn't install & run the patch.
1 person likes this
@Asylum (47893)
• Manchester, England
17 Dec 06
I read about this recently, and to be honest I am surprised that it has taken so long for the problem to occur.
People have become complacent and assume that a virus attack is by a program written to target Windows or Microsoft Office. This has only been true because they are the most prolific programs and therefore an obvious target.
With the vast variety of available software there must be numerous opportunities for people to attack a computer, and of course Symantec is now used by so many people that it has become a viable opportunity.
@Idlewild (6090)
• United States
18 Dec 06
One thing the article said was that it had become harder for hackers to target Windows because there has been so much attention on problems with the OS, and Microsoft has been working to plug the holes. So the virus writers are looking for other programs and situations to target.
@rogue13xmen13 (14403)
• United States
17 Dec 06
Tell me about it, my computer has one as we speak. I think that it might be a Trojan.
@Idlewild (6090)
• United States
17 Dec 06
According to another article (the one I posted the link to above), ...
the worm "turns vulnerable computers into remote-controlled zombies. It is the second such malicious code in as many months that exploits a 6-month-old security flaw in Symantec Client Security and Symantec AntiVirus Corporate Edition. A fix for the flaw has been available since May."
@mikeyr6000le (2123)
• United States
17 Dec 06
I have an interesting computer problem, I wonder if I got it that way. My computer goes into a kind of sleep mode even when I'm using it. Then I can't do anything at all except shut it off and turn it back on. One day after this happened it started sending emails to Symantec without me doing a thing.
@KeithLDick (17)
• United States
17 Dec 06
Since Symantec took over Norton Anti Virus it has steadily been going down hill...
Try uninstalling it sometime, it is a major pain and their tech support is not much help...
1 person likes this
@crosshair (120)
• India
17 Dec 06
Idlewild thank you for informing this little piece of information. Ya even i don't like symantec. firstly it utilises lot of ram which makes the pc sluggish.
I prefer small antivirus which are free and daily scan with free online virus scanners
KASPERSKY
BITDEFENDER
PANDA
TRENDMICRO
MICROSOFT
all provide virus scanners
And secondly for all those who are installing more than two antivirus software, i inform u that it is a bad technique bcos one antivirus detects other one as a malware and implicitly they stop functioning properly. Explicitly it looks like OK
@Idlewild (6090)
• United States
17 Dec 06
Here is the link to the article, though I've had trouble posting one previously. If this doesnh't work you can try doing a search for Symantec and worm and it should give you the story.
http://news.com.com/2100-1002_3-6144282.html?part=rss&tag=2547-1_3-0-20&subj=news