Symantec has fixed a flaw in its Enterprise Security Manager (ESM) solution that allows an attacker to take complete control of a PC.
The program’s agent accepts remote upgrade requests from any entity that understands the upgrade protocol, not verifying that the requests are from a trusted source, as it should, according to the advisory.
A hacker, assuming they have knowledge of the agent’s protocol, can take control of a PC by infecting it with malicious software.
The anti-virus giant was not aware of any exploits in the wild, according to Symantec.
Click here to email Online Editor Frank Washkuch Jr.
Looking for a new job? SCMagazine.com has the latest IT securty employment opportunities. Click here for our jobs page.