Many an IT staffer already plans to work overtime this weekend installing the avalanche of security patches Microsoft unloaded Tuesday. Now, those using Symantec may be working a little longer.
The Cupertino, Calif.-based antivirus giant is asking users who haven't already done so to upgrade to the latest version of its products to plug a security hole affecting a number of its programs.
The high-risk vulnerability, reported by Internet Security Systems's (ISS) X-Force, was identified in an early version of a Symantec antivirus scanning module responsible for parsing .upx compressed files.
"The vulnerable component fails to do proper bounds checks when analyzing certain container files for virus content," Symantec said in its advisory. "An attacker sending a specifically crafted .upx file could potentially compromise the targeted system."
The vulnerability affects the following Symantec products:
- Gateway Security 1.0/2.0
- Norton Internet Security 2004
- Norton Internet Security 2004 Professional
- Norton SystemWorks 2004
- AntiVirus Corporate Edition 8.0/9.0
- AntiVirus for Caching 4.0
- AntiVirus for Network Attached Storage 4.0
- AntiVirus for SMTP Gateways 3.0
- AntiVirus Scan Engine 4.0
- Symantec AntiVirus/Filtering for Domino
- Brightmail AntiSpam 4.0/5.0
- Client Security 1.0/2.0
- Mail Security for Exchange 4.0
- Mail Security for SMTP 4.0
- Norton AntiVirus 2004
- Norton AntiVirus for Microsoft Exchange 2.0
- Web Security 3.0
Symantec recommended users keep vendor-supplied patches for all application software and operating systems updated. "Symantec strongly recommends customers, if they are not already running a current non-vulnerable product version/build, upgrade to their appropriate product update immediately to protect against these types of threats," the company said.