Symantec
has patched a publicly reported security flaw in its enterprise
anti-virus software.
The flaw affects
recent versions of its Client Security and Antivirus Corporate
Edition products, and was discovered by rival security company eEye
Digital Security last week.
The flaw was said
to allow hackers to run unauthorised software on users’ PCs.
Symantec has now confirmed the threat and plugged it with a patch
for users to install.
eEye said the flaw
allowed attackers to launch a self-replicating worm attack on
corporate networks, something Symantec has not confirmed.
The patch released
is for the English versions of the products affected. A patch for
other versions is expected to follow.
The threat affects
version 3.0 and above of Client Security, and version 10 and above
of Antivirus Corporate Edition.
Symantec's Norton consumer anti-virus products are not affected by
the bug.