Computer Worm Attacks Pcs Through Antivirus Software

A computer worm has attacked some business PCs through a flaw in Symantec's antivirus software, according to a report released Friday by a security company. The "Big Yellow" worn began attacking some computer systems on Thursday, and so far three reports of the worm's occurrence in companies have been made. According to the security company, the worm enters machines through a security hole in the corporate version of Symantec's antivirus software.

[question posted by Idlewild]

responses and comments:

A security hole? Well, I thought an anti-virus is a program that is not supposed to have a sercurity hole. What is the point then? I know there are new virus created at the time. And the anti-virus programs are continuously run updates to ensure protection. But what does it say about a program that has a whole? Just exact who would know of this whole? Someone that knows the ins and outs of computers, who want to find a way to personal information? Wow! That person could have an amazing job! Or could it be the company its self attacking their own with the thought of selling a more expensive program? I guess I am too naive to understand why people create viruses that have the capacity to turn your computer into an oversized paper weight. How is that fun? Are there people that actually do this for entertainment? This is something I don't think I will understand. But it sounds like one need to have mutliple anti-virus programs to protect one's computer....only problem is, I have never been able to install another if I already had another on my computer. [brokentia]

oh no i got the same antivirus, i think i should start doing something maybe change the antivirus so any suggestions about the best antivirus softwares? [freetrade]

This is very interesting to hear since my ocmpany uses Norton at work on the students computers. Sometimes the computers act very strangely so maybe that has something to do with this worm you had mentioned. Thank you for informing us of this information. My computer at work has McAfee but it makes you wonder if there are holes with the other software that is out there. [kgwat70]

whats up there is the worm attacking only buisness companies or the individuals are also at risk.What is this whole issue of hole and where can you get the link for finding more about it on web.Do tell us please. [mansha]

Since Symantec took over Norton Anti Virus it has steadily been going down hill... Try uninstalling it sometime, it is a major pain and their tech support is not much help... [KeithLDick]

wow, I hope that I can keep that Big yellow worm out of my computer hole, LOL [ladygator]

I actually run two or three antivirus and firewalls but in the last two weeks have found 4 trojans 2 hackers and 1 worm that seem to get past. Everyone needs to have other scanning software and do daily scans if on multipal sites regularly. Som pay to slick search engines have then attatched and some webmasters even let the members no not to click them. [nhtpscd]

I should say the worms are so strong that it seems no antivirus or firewall can detect all of the virus, even you scan your pc everyday and update it everyday! If you run two or more antivirus,sometimes it may make the system unstable. until now, i feel Kapaseky is good. I don't like Norton! Norton often detects the virus but unable to delete it! [maximus2006]

Stay on top of internet security trends. The Symantec Security Response Weblog has been created to provide a forum for the team to share ideas and commentary on emerging issues and trends. SO you can discuss the virus and worms online. Even microsift has its limitations Another ride on the monthly Microsoft patch train. We've got quite a few stops this month and most are client-side vulnerabilities, meaning that an end user has to take specific actions (typically by obtaining and then opening hostile content). Unless otherwise stated, the privilege granted to the attacker for all of the below vulnerabilities is the privilege level of the victim user. Most were publicly disclosed for the first time today, but the exceptions are noted. They are listed below in the order of most to least critical for the fabled typical network. [nebulla]

If a company's IT staff is up on things, with any luck they got the news from Symantec and applied the patch some time ago. Though with all the threats and updates out there, the staff would have to be ultra vigilant--but then if they aren't, they shouldn' tbe working in IT I guess. [Idlewild]

i dont know how it happens But I know that Mc afee is better then other antivirus softwares. i dont say that all antivirus softwares are good. [shineison]

This is the first time Iam hearing. Symantec is supposed to the be the leading Anti-Virus provider in the world. How there can be breach in the Security software. Is this proven. [arunk7319]

It's only in the business or professional version. Symantec issued a patch and told its customers, but it's up to the customers to apply the patch. The article didn't say whether the companies that got the worm installed the patch, but I'm guessing they may not have. Similar to when Microsoft notices a hole and issues a warning and a patch but customers don't use it and they get affected. But yes, for a security company to be have this hole in their software in the first place is embarassing! [Idlewild]

wow..it's norton dude.Who would have thought norton antivirus would also have security flaws?Have they solve the problem yet? [cooldude8889]

According to the article I read, the security company identified the flaw back in May, and told Symantec about it. Symantec issued a patch, but it was up to each company to apply the update. The three companies may have not applied the patch. And it's only the professional verison. [Idlewild]

The same thing happend to my computer 3 years back. I used Norton and my computer got filled with viruses and trojans. 206 trojans!!! It became so bad that the computer was on the verge of crashing an the best part was that Norton said that the computer was free of viruses, worms etc. [brightsea]

LOL!!! NASA will flip when they find out if a ordinary person's computer was hacked and not a person in their agency. :D [brightsea]

A leading software company that selling antivirus has security holes? hmmm... I think it was tested before it was release, why this happen.. [clickerz]

I guess modern software is so complex and has so many millions of lines of code that it's hard too plug up all the holes. Symantec did give out a patch, but it was up to the customers to install it. Maybe the companies that got affected didn't install & run the patch. [Idlewild]

every system has a flaw and loophole waiting to be exploited.in this internet age nothing is safe.even if methods are found to curb these kind of worms,newer ones will crop up. [coolme_kiran]

www.indiawithme.blogspot.com download new anti-virus [connectajinkya]

what is the best antivirus for the brontok virus? [valerie5142000]

Ohhh God it is massive Attact I guess. But I guess this warm camr from not in small hole it should came in pc that no protection at all. May be users didnt protect PC from firewall and it's updation. So it was misatke from the users who using that computer. But I think that warm killed almost big security system. And I suggest to use Macafee secirity center and it's all features. So your computer will protect from what ever, But you should have to update that firewall by daily, that must be do daily. [shemb1]

Doesn't sound massive at all, just three reports, and these came months after the hole was reported and the patch was issued by Symantec. So these three instances may have just been at firms that were careless and didn't install the patch. [Idlewild]

I hope i dont get the virus on my pc. what would be the best solution to this problem although it can attack even if their's an antivirus on the computer yet? [valerie5142000]

It only happened on computers that were in businesses, running the professional version of Symantec's software. So if you're concerned about your personal PC, it should be fine. But you should definitely install any patches the antivirus company issues when they tell you to. [Idlewild]

yea..I saw this coming,,ya just cant trust anything anymore,This is why I use AVG antivirus..they update everyday just about,and i dont use my email, i use yahoo's and hotmail so if there is ever something like that happen it will happen to there system not mine...i am so scared to download anything anymore.Thanx for the information by the way..have a good one! [cloud_kicker_32]

You're welcome, and this problem is just for the professional version of the software, running in corporations. Using Web mail will definitely help, since the mail won't be on your desktop unless you download it there specifically. [Idlewild]

a worm through antiviurs software? i think we need to be more careful now [vinaykiran28]

Worm, virus can be prevent using the most powerful firewall, antivirus softwares, there are a lot of softwares, but there is still chances to get worn into the system, 100% preventions for worm is not possible. [shaf732]

For over the last 10 years, I have been using Kasperky AVP system, seems a better one for the general users. Plus SPybot search and destroy and Spyware Blast could help to tighten your computer fighting those spywares and worms. [moreinfo]

thanks for the information... [vanities]

It is really interesting to hear that the company on whom more than half of the companies depend thier securities..is also having wholes and bugs..then what the use of having antivirus or such s/w..I know its not possible to make a system 100% virus free but being the No. of company in antivirus solution people expects more from them !!! [shyam4uall]

Idlewild thank you for informing this little piece of information. Ya even i don't like symantec. firstly it utilises lot of ram which makes the pc sluggish. I prefer small antivirus which are free and daily scan with free online virus scanners KASPERSKY BITDEFENDER PANDA TRENDMICRO MICROSOFT all provide virus scanners And secondly for all those who are installing more than two antivirus software, i inform u that it is a bad technique bcos one antivirus detects other one as a malware and implicitly they stop functioning properly. Explicitly it looks like OK [crosshair]

Here is the link to the article, though I've had trouble posting one previously. If this doesnh't work you can try doing a search for Symantec and worm and it should give you the story. http://news.com.com/2100-1002_3-6144282.html?part=rss&tag=2547-1_3-0-20&subj=news [Idlewild]

Tell me about it, my computer has one as we speak. I think that it might be a Trojan. [rogue13xmen13]

According to another article (the one I posted the link to above), ... the worm "turns vulnerable computers into remote-controlled zombies. It is the second such malicious code in as many months that exploits a 6-month-old security flaw in Symantec Client Security and Symantec AntiVirus Corporate Edition. A fix for the flaw has been available since May." [Idlewild]

You know what I think? Those people who created the anti-virus software are also the people who makes the viruses. because if there's no virus, what are they going to do? Nothing! So what they do, they create virus first so you will purchase anti virus then they will create new viruses so you need to update again your anti virus so their work will not finish.... [maevic]

anti-virus software are bullshit for me, they slows down my computer, giving false alarm all the time, and yet, my computer is full of viruses... So now I've decided not to use any anti-virus, instead, I backup my computer more frequently by using some drive image software. So if anything happens, I'll just restore it back to the original state. Fast, easy and safe [abukaka]

this type of worm's are developed by the company itself , and then they come up with a new software and make people buy it thats all the stuff is all about [lesterdsa]

thanks for the info, will keep a look out for this. [susanscs]

thats is true, many antivirus programme made by third party are added with some trojan,spyware and somethings related, [yam219]

heyy in my suggestion symmantec antivirus is not that much of a good antivirus.its memory hogging.i suggest use avg antivirus [jibulee]

i have norton antivirus and it is working fine [_Greeneye_]

That's what you get for using Norton. It's useless. Free anti-virus works a lot better. You are just wasting your money. [borg_queen]

R U SERIOUS!? IF U R THEN ITS A GREAT TROUBLE! [r0ck_r0ck]

they are taken care for this, I use symantec [amministra]

Yes, Almost Every AntiVirus contains one or the other flaw [hs4884]

i'm better with some spyware than with a stupid slow antivirus. [serpico]

thanks for sharing, will take extra precaution on this.. =D [phdmoneymaker]

ahaan ... m usin AVG !! n befo dis i was usin NORTON !! both ar SUPERB ! VIRus cant harm ma PC ! [ateebansari]

Well i use Quick Heal license copy. it does not slow my pc. from 6 monts i am using it and i found it is much better than any other antivirius software. [sandy999]

I use Avast it's free + Ad-Aware SE + ewido, i never have any problem, but i am very careful because one is never completely protected. [Padilla]

nope i havent heard anything like that.. [vikceo]

It really shows how screwed up these companies can be.. imagine a biggy like symantec doing it.. you can't rely these antiviruses now.. maybe mcafee is better.. [honest007]

I read an interview with the guy who programmed Solitaire for Windows. He was asked if it was true that 'interesting' pictures flashed up momentarily during the game, and was there a way of slowing the game down enough to see them. His answer was 'Yes there are pictures, and installing Norton should slow your PC down enough to see them.' [busstoptoyshop]

you people don`t understand that ymantec is the most stupid antivirus program ever ... try using NOD32 ... it is the best! [m4riu5]

how can one trust a antivirus software if it has holes that can be hacked?? Norton always been suky kinda av software!! [pikubk]

Alert over Spybot worm Don't let your PC become a zombie... The program, called 'Spybot.ACYR' by Symantec and 'Sdbot.worm!811a7027' by McAfee, appears to be targeting educational institutions, according to a blog item posted by Symantec. The security company said: "We are seeing a spike in traffic on port 2967 with activity only in the dot-edu domain. The impact of the attack is minimal thus far." Additionally, the bot program tries to exploit five flaws in Microsoft Windows, the most recent of which was patched in August and affects Windows file and printer sharing. The oldest Windows flaw of the five dates back to 2004, according to Symantec's alert. When installed on a PC, Spybot opens a back door in the system and connects to an internet relay chat (IRC) server to let the remote attacker control the compromised computer. Spybot first surfaced in 2003 and has spawned many offshoots. Bot software such as Spybot is the most prevalent threat to Windows PCs, according to a recent Microsoft security report. More than 43,000 new variants of such insidious programs were found in the first half of 2006, making it the most active category of malicious software, Microsoft said. A computer taken by such a bot is popularly referred to as a 'zombie PC'. It can be used by miscreants as part of a network of bots, or 'botnet', to relay spam and launch cyber attacks. Additionally, hackers often steal the victim's data and install spyware and adware on PCs, to earn a kickback from the spyware or adware maker. [theredlion_17]

Its a Catch 22 situation isnt it? Viruses are released or security loopholes are found, so the antivirus software makers patch the loophole, so the hackers find new loopholes and the software makers make new patches and so on and so forth [timou87]

hm.... may b thank god i'm not using Symantec tool;) AVG is cool try it [perfectkiller]

Excellent. A security software is supposed to protect from all worms, trojans etc. I am working in Linux so I don't have to face such problems. [babray06]

I had a difficult time with my computer all morning and I eventually gotten around to installing another Virus program. [sharon613]

i dont know much about it...!!! sorry people!! [djsinner1]

well, i think this is just another trick that been made antivirus software developer. they wish to butcher their own sftware [money_maker01]

Thanks for the head up! You would think that businesses have better security too [nyzballa12]

I read about this recently, and to be honest I am surprised that it has taken so long for the problem to occur. People have become complacent and assume that a virus attack is by a program written to target Windows or Microsoft Office. This has only been true because they are the most prolific programs and therefore an obvious target. With the vast variety of available software there must be numerous opportunities for people to attack a computer, and of course Symantec is now used by so many people that it has become a viable opportunity. [Asylum]

One thing the article said was that it had become harder for hackers to target Windows because there has been so much attention on problems with the OS, and Microsoft has been working to plug the holes. So the virus writers are looking for other programs and situations to target. [Idlewild]

You will NEVER be safe from my wonderful worms! [thehaxyone]

I am not surprised because SYmantec's Lab. have a poor antivirus sistems, like Bit Defender. So it is normal that this happend. [emmet18]

There are FREE programs better than norton like avg, avast, and antivir. [cowboyzfan]

I am using Macafee on my pc and i think it is better than symantec norton. [vishal2006]

Symantec antivirus sux big time get something real i use nod32 antivirus and it never gave me any kinda pain and its the top rated antivirus aswell [Haiderim]

I have an interesting computer problem, I wonder if I got it that way. My computer goes into a kind of sleep mode even when I'm using it. Then I can't do anything at all except shut it off and turn it back on. One day after this happened it started sending emails to Symantec without me doing a thing. [mikeyr6000le]

That's strange, haven't heard of that before. Sounds like some kind of virus or something, especially if it starts sending emails to Symantec. [Idlewild]

Computer Worm Attacks Pcs Through Antivirus Software

Computer Help and Commentary