Content

Symantec patches corporate anti-virus software

Symantec has issued a patch for a flaw in its corporate anti-virus software that could allow an attacker to access a server.

The flaw in Symantec Anti Virus Corporate Edition v.9.x reveals the server login name and password of the system administrator in charge of the LiveUpdate for the software.

When the LiveUpdate client checks for updates, the LiveUpdate server login name and password are written to a local log file in clear text, according to Symantec.

The company recommends that the user account for the administrator responsible for the LiveUpdate be unique for accessing LiveUpdate packages only, and have no other system access.

<a href='https://www.symantec.com'>www.symantec.com

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.