Worm hits computers' antivirus program

updated 7:05 p.m. ET Dec. 15, 2006

SAN FRANCISCO - A computer worm is attacking some business PCs through a flaw in antivirus software by Symantec Corp., a security company warned Friday.

EEye Digital Security, based in Aliso Viejo, said the worm, dubbed "Big Yellow," began attacking some computer systems on Thursday — seven months after eEye first discovered the flaw.

Symantec released a patch to address the flaw in May but it's up to its corporate customers to install it. Officials at the Cupertino-based security software company said Friday it had so far received three reports of systems affected by the worm.

"It is definitely a new worm, and it is looking for vulnerable systems, but we're not seeing any evidence of a significant outbreak or infection," said Vincent Weafer, a senior director at Symantec's security response unit.

Big Yellow enters machines through a security hole in the corporate version of Symantec's Norton Antivirus software. Once infected with the worm's "bot" program, a hacker can use it as a way to connect with other computers for malicious attacks.

EEye urged corporate information-technology departments to fix the flaw.

MORE FROM SECURITY

Security Section Front

Debate over possible responses to cyber attacks   Experts work to untangle cyber attacks S. Korean Web sites under renewed attack White House among targets of cyber attack U.S. eyes N. Korea for ‘massive’ cyber attacks How a denial-of-service attack works A look at Estonia’s cyber attack in 2007 Researchers say they can guess your SSN Chinese go online to vent ire at Xinjiang unrest Dell launches digital forensics service for police Security Section Front   Add Security headlines to your news reader: