Symantec has patched a publicly reported security flaw in its enterprise anti-virus software.
The flaw affects recent versions of its Client Security and Antivirus Corporate Edition products, and was discovered by rival security company eEye Digital Security last week.
The flaw was said to allow hackers to run unauthorised software on users’ PCs. Symantec has now confirmed the threat and plugged it with a patch for users to install.
eEye said the flaw allowed attackers to launch a self-replicating worm attack on corporate networks, something Symantec has not confirmed.
The patch released is for the English versions of the products affected. A patch for other versions is expected to follow.
The threat affects version 3.0 and above of Client Security, and version 10 and above of Antivirus Corporate Edition.