WASHINGTON – Symantec Corp. has repaired a serious problem with versions of its leading antivirus software, which protects some of the world's largest corporations and U.S. government agencies. The flaw lets hackers steal sensitive data, delete files or implant malicious programs.
Symantec began providing a repairing patch for its software over the Memorial Day weekend, just days after researchers disclosed the problem. The speedy response — many software manufacturers take months to do similar repairs — underscored the seriousness of the threat, which affected the latest corporate versions of Symantec Antivirus.
The company said the patch is available using its LiveUpdate technology, which distributes the latest antivirus protections. The company said it has not detected efforts by hackers to exploit the antivirus flaw.
Symantec said its engineers have worked 24 hours a day on the problem since its discovery last week by eEye Digital Security Inc. of Aliso Viejo, Calif. "Symantec is a company used to responding rapidly," said Vince Weafer, senior director for Symantec's security response unit.
Weafer said consumer versions of Symantec's popular Norton Antivirus software — sold at retail outlets around the country — were not vulnerable to the flaw. Symantec's antivirus products are installed on more than 200 million computers.
eEye published a note about its discovery on its Web site last week but pledged not to reveal details publicly that would help hackers attack Internet users until after Symantec repaired its antivirus software.
An eEye executive, Marc Maiffret, said Tuesday the company will wait until patches are available for all language-editions of Symantec's antivirus products before disclosing further details, which he said could come as early as this week.
"I can't believe they were able to turn that around so fast, definitely a good job for them," Maiffret said.