Fri, Dec 23 2005 7:54 Don

Symantec Confirms AV Library Flaw, Promises Patches

Anti-virus vendor Symantec Corp. has publicly acknowledged that a high-risk buffer overflow vulnerability in its AntiVirus Library could lead to code execution attacks when RAR archive files are scanned.

One day after private security researcher Alex Wheeler flagged the issue as a serious risk, Symantec issued an advisory of its own, confirming the vulnerability exists in 64 enterprise and consumer-facing products.

"Symantec is currently working to create and distribute product updates for all affected products," the company said in a note to customers.

eWeek
Related Story: http://msmvps.com/blogs/donpatterson/archive/2005/12/20/79539.aspx
Filed under: