‘Big Yellow’ Malware lurking in the wild via the Symantec Anti-Virus Software
eEye Digital Security has said that Big Yellow, a non-Microsoft-based malware that was discovered in May 2006, is still lurking in the wild and is using Symantec’s anti-virus software. Big Yellow has both worm and botnet characteristics.
According to eEye Digital Security, many IT departments are not really prepared for attacks on non-Microsoft-based applications, nor have they started applying the patch that has been made available for Symantec’s anti-virus software. This new class of malware therefore poses a serious problem for any enterprise.
Big Yellow exploits a vulnerability in the remote management interface for versions of Symantec AntiVirus and Symantec Client Security. An anonymous attacker could exploit it remotely to execute arbitrary code with SYSTEM privileges on an affected system, which gives the attacker complete control over that system.
“We strongly recommend IT take two steps immediately. First, enterprises need to implement a vulnerability management program that includes more than just Microsoft applications. Second, enterprise IT should implement a comprehensive, integrated endpoint security product that delivers proactive protection from unknown and known threats,” added Maiffret.
By the way, eEye’s research team was also responsible for discovering Code Red, the world’s first major Microsoft-based worm. This time the Big Yellow malware was discovered on December 14.