News

'Big Yellow' Worm Hits Antivirus Program

Worm hits some systems using Norton Antivirus, even though company issued patch back in May.

(San Francisco) A computer worm is attacking some business PCs through a flaw in antivirus software by Symantec Corp., a security company warned Friday. eEye Digital Security, based in Aliso Viejo, said the worm, dubbed "Big Yellow," began attacking some computer systems on Thursday _ seven months after eEye first discovered the flaw.

Symantec released a patch to address the flaw in May but it's up to its corporate customers to install it. Officials at the Cupertino-based security software company said Friday it had so far received three reports of systems affected by the worm.

"It is definitely a new worm, and it is looking for vulnerable systems, but we're not seeing any evidence of a significant outbreak or infection," said Vincent Weafer, a senior director at Symantec's security response unit.

Big Yellow enters machines through a security hole in the corporate version of Symantec's Norton Antivirus software. Once infected with the worm's "bot" program, a hacker can use it as a way to connect with other computers for malicious attacks.

eEye urged corporate information-technology departments to fix the flaw.

comments powered by Disqus

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.