Symantec hit by large-scale flaw
Symantec has issued patches to fix a "high impact" security hole that affects almost every product it currently sells.
According to security rival ISS, which unearthed the vulnerability, the problem lies with the DEC2EXE module in the Symantec Anti-Virus Library, a part of the virus detection engine that makes it possible to detect malware inside executable files compressed using the freeware UPX (Ultimate Packer for eXecuteables) format.
By John E. Dunn at InfoWorld.
[ Read more ]