Big Yellow Worm Attacks Symantec

Yep, you heard that right - there's a Big Yellow Worm and it's got its sights set on Symantec Client Security and Symantec AntiVirus. The new worm, dubbed "Big Yellow" is spreading through a published vulnerability in the security and anti-virus programs which - we should point out - are related to the popular Norton Internet Security and Norton AntiVirus, but are definitely not the same thing. The Symantec versions are intended for business networks and Norton is intended for the consumer market. So far, the Norton products have not been affected.The vulnerability was first discovered and published by eEye a security tools and research firm, back on May 24, 2006. It was then patched by Symantec, just a few weeks later on June 12th. The vulnerability resembles a report of bot activity and seeks to take over networked computers to use them in spreading the malware to other systems.To avoid having the Big Yellow Worm on your network, businesses are advised to make sure that they have the latest versions of Symantec installed - and to block port tcp/2967 at the network gateway to minimize the "attackable surface area," according to the experts at eEye. All users are advised to run the Live Update program on Norton and Symantec products periodically rather than rely on the products to just "update themselves," as many times the programs are set to update virus signatures automatically, but not set to update the anti-virus software itself. Symantec has stated that it is aware of the problem. However, they do report that they are not seeing a "widespread distribution of the worm." For more information on how to keep your system updated, visit www.symantec.com.

http://www.protect-x.com/