|
|
|
| Symantec products have a serious flaw |
| Sunday, December 25, 2005 at 12:51 by Laurence Norah |
An independent security analyst has found a flaw with Symantec's security products, which affects the majority of the company's anti-virus software.
The bug, which can result in a users PC being totally compromised, revolves around how Symantec's products scan for viruses within compressed RAR archives.
Symantec have not produced a patch for this flaw as yet, although one is promised. The only defence so far is an update to their heuristic virus detection code which scans for potential exploits of the vulnerability. Symantec have given no timeframe for a patch as yet.
|
|
| |
 
|
|
| Poor Software Quality Assurance testing is to blame for this serious flaw. A less-than-stellar product that cannot out perform its compeititors, |
|
|
| The blame always goes to the folks at the the bottom of the totem pole. I cannot speak for Symantec, but being an SQA engineer, I can tell you the last product I worked on shipped with over 1000 known bugs, just to hit a date set by PM. Furthermore, test equipment and SQA engineers (just one!!!) were inadequate. |
|
|
|
All software contains bugs. I work for one of Switzerland's large banks and the latest release of our online banking product contained hundreds of defects. Higher management pushed to have it turned up, against the opinions of the business and IT project leaders. So who suffered the consequences ? The customers and the IT staff who's job it was to support it and eventually apply 10 separate patches in the 4 weeks following going live. nuff said. |
|
|
|
|
|
|
|
|
