Symantec vows to stay ahead of Microsoft
Through innovation, Symantec Corp. will survive Microsoft's push into the security market, company CEO John Thompson vowed Monday. Symantec will devote more resources into research and development in the coming year, he told reporters at the Cupertino, Calif.-based antivirus giant's annual Vision conference in San Francisco.
"Our strategy is to out-innovate Microsoft," CNET News.com quoted Thompson as saying. "We know more about security than they ever will."
Microsoft has moved aggressively to improve the security in its products through product improvements such as those in Windows XP Service pack 2 (SP2), as well as antispyware and malware-removal tools. It is also baking further security enhancements into the upcoming Windows Vista operating system and is developing a security service called Windows Live OneCare. "Competition with Microsoft is inevitable, given the way the tom-toms are beating at the moment," Thompson said.
Virus poses as fantasy soccer worksheet
A new virus is infecting Microsoft Excel files under the camouflage of a fantasy soccer worksheet, UK antivirus firm Sophos plc warned on its
XF97.Yagnuul-A is an Excel formula virus that infects .xls spreadsheet files, dropping an infected file that helps people create their own fantasy soccer league with other fans of the English Premier League, Sophos said, noting that the Premier League is an English football league made up of the best teams in England, and has millions of followers based around the globe.
"Fantasy football-like leagues have been set up in offices across the country, and fans often keep track of how well they are doing by using Excel spreadsheets," Graham Cluley, Sophos' senior technology consultant, said in a statement.
He said Yagnuul is a virus of two halves -- one part infects existing Excel spreadsheets, while the other drops an infected fantasy league file onto the victim's drive. "You may think you are just reusing someone else's harmless spreadsheet, but behind the scenes a virus may be preparing to strike," Cluley said.
Sophos fixes AV bug
Attackers could execute a variety of arbitrary commands by exploiting a critical security hole in Sophos' antivirus products, the French Security Incident Response Team (FrSIRT) said in an advisory.
"This flaw is due to a heap corruption error within the unpacking of Microsoft Cabinet (.cab) files containing invalid folder count values within the .cab header, which could be exploited by attackers to execute arbitrary commands and compromise a vulnerable system," FrSIRT said. Attackers could send an e-mail containing a malicious .cab file to a machine being protected by an affected Sophos product to exploit the flaw, for example.
In its own advisory, Sophos said it has patched the problem and that the vulnerability doesn't prevent Sophos's desktop on-access scanner from correctly detecting viruses.