Symantec patches corporate anti-virus software

By

Symantec has issued a patch for a flaw in its corporate anti-virus software that could allow an attacker to access a server.

The flaw in Symantec Anti Virus Corporate Edition v.9.x reveals the server login name and password of the system administrator in charge of the LiveUpdate for the software.


When the LiveUpdate client checks for updates, the LiveUpdate server login name and password are written to a local log file in clear text, according to Symantec.

The company recommends that the user account for the administrator responsible for the LiveUpdate be unique for accessing LiveUpdate packages only, and have no other system access.

www.symantec.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Melbourne dev finds gift card PINs can be brute-forced

Melbourne dev finds gift card PINs can be brute-forced

Department of Health to centralise SecOps model

Department of Health to centralise SecOps model

Zero-click Apple and WhatsApp bug combo used to drop gov spyware

Zero-click Apple and WhatsApp bug combo used to drop gov spyware

Jaguar Land Rover hit by cyber incident

Jaguar Land Rover hit by cyber incident

Log In

  |  Forgot your password?