Vulnerability assessment firm eEye Digital Security issued an advisory Wednesday detailing a remotely executable flaw within Symantec anti-virus software. eEye said the vulnerability – which does not have to be initiated by an end user – could compromise affected systems, allowing for the execution of malicious code and heightened privileges.
eEye said the vulnerability also affects Symantec Client Security 3, possibly in addition to other products.
Symantec, however, said in an advisory that it could not verify the bug and that no in-the-wild exploit code was available.
"Norton products do not contain the code affected by this potential vulnerability, and none of the Norton products are affected by this issue," the company’s advisory said. "Symantec product teams are currently investigating this report. If necessary, we will provide updates for all currently supported products to resolve this issue."
The company said it is not aware of any impacted customers.