Tuesday, February 27, 2007

Bad Week For Symantec

Symantec's having a tough week. First an ActiveX component developed by SupportSoft that Symantec uses in its products was found to have multiple vulnerabilities that could allow an attacker to compromise a user's computer by way of a malicious website. Affected Symantec products: Norton AntiVirus, Norton Internet Security, System Works, and Automated Support Assistant. To their credit, they are protecting their antivirus customers by releasing virus signatures that attempt to catch exploits of the flaws.

As if that weren't bad enough, the SEC has announced that Symantec's servers were hacked by a small trading company called Blue Bottle, who used their access to the servers to get advance notice of press releases and then trade Symantec stock with that insider knowledge. It's just never good when a security company's own servers are hacked. In addition to Symantec, 11 other US firms, including Real Networks were compromised giving Blue Bottle over $2.7m in profits.

No comments: