News

Worm Attacking Symantec Flaw; Patch Available

A computer worm is attacking some business PCs through a flaw in antivirus software by Symantec Corp., a security company warned Friday.

EEye Digital Security, based in Aliso Viejo, Calif., said the worm, dubbed "Big Yellow," began attacking some computer systems on Thursday -- seven months after eEye first discovered the flaw.

Symantec released a patch to address the flaw in May, but it's up to its corporate customers to install it. Officials at the Cupertino, Calif.-based security software company said Friday it had so far received three reports of systems affected by the worm.

"It is definitely a new worm, and it is looking for vulnerable systems, but we're not seeing any evidence of a significant outbreak or infection," said Vincent Weafer, a senior director at Symantec's security response unit.

Big Yellow enters machines through a security hole in the corporate version of Symantec's antivirus software. Once infected with the worm's "bot" program, a hacker can use it as a way to connect with other computers for malicious attacks.

EEye urged corporate information-technology departments to fix the flaw.

Featured

  • Microsoft Releases Preview of Azure Bastion

    With a new service preview, Microsoft is now letting organizations use a private Internet connection to access Azure virtual machines.

  • The 2019 Microsoft Product Roadmap

    From the next major update to Windows 10 to the next generation of HoloLens, here's what's on tap from Microsoft this year.

  • 2019 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss this year.

  • Microsoft Ends Development on Windows To Go

    The May 2019 update of Windows 10, also known as version 1903, will be the last Windows client OS to have support for Windows To Go.