Symantec Closes Open Door for Viruses

By Ed Oswald | Published February 10, 2005, 12:05 PM

Symantec admitted to a critical flaw in its software that could potentially open the door to viruses. The problem affects its entire antivirus product lineup, including the widely used Norton AntiVirus. Symantec has since issued a patch and has urged all users of the software to install it as soon as possible.

"The impact of this vulnerability is exaggerated by the fact that many e-mail and other traffic routing gateways make use of file-scanning utilities that make use of the vulnerable library," Symantec said in an advisory.

"This could allow an attacker to potentially exploit high-profile systems used to filter malicious data, and potentially allow further compromise of targeted internal networks."

Unpatched computers run the risk of being infected with a virus even if protection is enabled.

The vulnerability is caused by the way Symantec's software handles a compression format known as UPX, or Ultimate Packer for Executables. A virus could be created that would exploit a handling error, causing the software to run a malicious Web page or open an infected e-mail rather than quarantine it.

"The vulnerability can be triggered by an unauthorized remote attacker, without user interaction, by sending an e-mail containing a crafted UPX file to the target," Internet Security Systems, who found the flaw, said in a statement.

Security firm Secunia marked the flaw as "highly critical", which is "Typically used for remotely exploitable vulnerabilities, which can lead to system compromise," according to the company's Web site.

Comments

It does seem that Symantec have not made any patches available directly from the web site. I hear you need to phone them up with your serial number and valid support contract details to get a fix.
Come on Symantec, you are very keen on listing all the Microsoft bugs on your web site, how about making it easy to fix your own first!

Score: 0

Now they need to handle other various executable packers and stealth methods. I had once downloaded an infected EXE file and the virus scanner never warned me, even if I manually scanned it. The EXE packer was like FSG or FGS I believe. One of those not so common formats I guess. Once I downloaded the unpacker tool and unpacked the EXE, BAM!, the Symantec AV saw the infection. You still have some work to do Symantec.

I have already sent a report to Symantec about this.

Score: 0

And here was Symantec complaining about MS AntiViral acquisitions in the last few days. I'm glad someone caught this critical vulnerability.

Score: 0

I use the corporate version (9 - not my choice by the way) but when I follow links on Symantec site I have not been able to find the patches. Perhaps they expect us to pay for them?!

Score: 0

I can't find it either.

Score: 0

See my comments below.

Score: 0

See my comments below.

Score: 0

You need your 9.x serial number.
https://fileconnect.syma...gin.jsp?localeStr=en_US

The version I just downloaded said 9.0 on this page, but when installed it's really 9.0.2.1000

Score: 0

That's odd. In their advisory regarding this they mentioned the following:

---

Symantec Response
Symantec confirmed the vulnerability ISS identified in the original DEC2EXE engine. The DEC2EXE engine is no longer required to parse compressed files. Prior to ISS contacting Symantec with this vulnerability, Symantec had already removed the DEC2EXE engine from the scan engine upgrades implemented in the majority of Symantec products.

Symantec has NOT seen any active attempts against or organizations impacted by this issue. However, Symantec Security Response created Bloodhound.Exploit.26, a heuristic detection for attempts to exploit the DEC2EXE.dll heap overflow vulnerability. Virus definitions version 70209af (extended version 2/9/2004 rev. 32) or greater contain this heuristic and are available via Symantec LiveUpdate or Symantec's Intelligent Updater.

Recommended Upgrades
As a part of normal best practices, users should keep vendor-supplied patches for all application software and operating systems up-to-date. Symantec strongly recommends customers, if they are not already running a current non-vulnerable product version/build, upgrade to their appropriate product update immediately to protect against these types of threats.

Symantec product engineers have developed and released updates or Maintenance Releases for all impacted product versions that were not already upgraded in the latest product build release. Updates and Maintenance Releases are available either through Symantec's LiveUpdate for those products that have LiveUpdate capability or from the Symantec Product Support site at http://www.symantec.com/techsupp.

Score: 0

The serial number I have doesn't work on that page!

No matter what anyone says about Microsoft, at least when they make a patch available it is easy to find. I searched all over Symantec site and can not find anything other than a link that takes me to a page that blissfully tells me there are no updates for my product.

It just confirms to me that Symantec don't seem to know what a customer is. If anyone from that company is reading this, please put a nice big link on the front page of your web site so we can all fix the problem!

Score: 0

I departed from the use of ANY TYPE OF SYMANTEC AV OFFERING literally years ago when I myself noticed how crappy, unstable and overbloated their products were... SHAME-ON-YOU Symantec, there was a time long long ago when your name actually meant something... When people genuinely respected you. Now the only respect you have is from (unfortunately) a whole crapload of people whom you've successfully fooled with the only offering that has remained brilliant from your company.... the ADVERTISING campaign.

F- Off Symantec. You've been corrupted by $$$$.

Score: 0

No surprises here! The makers of the most bloated and exasperating antivirus software on earth have a critical flaw in their product. For the two frustrating years I used Norton AV, the product gave me more grief than any other software I'd ever used til then and since that time. Between unpredictable configuration changes (made on its own!) and other problems that could only be resolved by uninstalls/re-installs, I finally, after thorough research, discovered a gem in Kaspersky Labs AV Personal. NOD 32 is a pretty impressive product as well, but I lost faith in them after experiencing poor customer service. A lot of you have probably noticed that PC Magazine always gives them glowing reviews, which leads me to believe that Norton must be buying their praise. Unfortunately, it looks as if Norton will never learn. I guess they have enough people fooled into believing their product is the world's best. Far from it!

Score: 0

This is a huge deal since many, many, many colleges and universities use Symantec Corporate Antivirus version 2002 and earlier across the network--notice that 2003-2005 versions are mentioned (Symantec web page), but NOT 2002? That means one of two things:

1. The local University in my area will have to spend thousands on a new AV program for the entire campus (or suffer with more viruses costing about the same in damages), or

2. Use another antivirus.

I'm not one to beat around the bush, so let me say it plain and clear--Symantec is STUPID not to patch the corporate AV 2002 package. There are four universities that I KNOW use Symantec AntiVirus Corporate 2002 cross-campus. Symantec needs to seriously reconsider their support policy, but that's just my honest opinion...

Score: 0

Well, I got no clue. Every time I use Norton's AV I never had a problem with viruses, but even if I did, it did its job to remove it and no problems from there.

Other than that, I think it sucks that this came out even after cnet.com put it to the test with Trend Micro PC-cillin Internet Security 2005. A lot of people thought that program was hot compared to Norton's AV. If you want to check out the reviews: http://reviews.cnet.com/...ml?tag=nl.e497#talkback

Score: 0

While Symantec products have gotten bigger over the years their corp. versions have not suffered this problem to much extent. I use Symantec corp 8 from school and have never had a virus problem that wasn't stopped or fixed immediately by SAV and will continue to use it as long as I can.

Besides if a difference of 5 - 10 megs of ram over the last few versions is causing your PC problems, you got bigger ones than your AV software...

Score: 0

This is an aging architecture that is now eight years old. It has been extended and patched but hasn't really evolved much past the old LANDesk product that was originally bought from Intel. Symantec is not an innovator - it has wh***d out this technology and it's finally beginning to show its age.

I tested SAV9 last summer. It had a significant bug with XP's System Restore which caused that service to fail. I brought it to Symantec's attention and after a month they were able to reproduce it and assign a priority level to it - one of their highest. It took them another six months to develop a workaround. Not a fix. A workaround. Now that SAV10 is nearing release, you can bet that SAV9 will be abandoned although the rhetoric won't say so. It was their first kick at the can in terms of malware anyway.

In short, I have little respect for the company and its products. For the home user, there are better AV solutions available for free that are nowhere near as invasive, are more efficient and are tabled by companies that are considerably more responsive with as good a track record in detecting viruses. avast! 4 Home Edition comes immediately to mind. In the corporate arena NOD32 is the product used by MS despite Symantec being a premier partner in the past. That alone should tell you something.

I would not recommend any Symantec product today, least of all their AV software. This is a product living off past achievements and the holes are only going to become more glaring as time goes by.

I must however point out another issue in the article:

Secunia is NOT a viable source of security information. A lot of their "reporting" is hype and on occasion quite impossible to reproduce.

Score: 0

Don't be a stubborn moron, Symantec is a great innovative company that improved greatly on technology they purchased. Their products are used world wide not by fooled people but by those that trust the company's significant experience in protecting important systems. None of the servers I ever had to deal with that were protected by Symantec had any problems with viruses.

Score: 0

Whoa... sounds like someone is confusing Symantec with Microsoft :)

Score: 0

Patch a version 3 versions old? Feh.. why? They still give you the virus def updates, which is more than enough. You want a more feature-filled version? Buy SAV 2005 and stop whining that your ancient software doesn't do this or that.

Score: 0

Have you worked extensively with the corporate product? I have. I was involved in a SAV9 corporate rollout within the last 8 months from the server side and thoroughly tested the client side. My findings are tabled in another post here. The big selling point of 9 (we were migrating from 8) was roaming clients and that facility was there in SAV8. SAV9 only put a nice interface on it and added "threat detection" which was a nice way of renaming old functionality and adding malware detection. That's called an "extension" not an "innovation". In the process, they broke System Restore and apparently had a hell of a time fixing it. avast! 4 Home Edition had the same System Restore problem. They fixed it in a maximum of *three weeks*.

You should also know that the corporate and consumer versions *are the same*. The difference is the interface, which in the corporate version offers greater configurability and central administration via a System Center (the Sav8 System Center plugin was broken on XP). The internal engine is no different.

My comments on the company stand - if you're a home user, there are a number of free alternatives that are *better*. I know - I dumped SAV8 and 9 off my home network of six machines and went to avast! 4 Home Edition instead six months ago. Corporate customers are in a less favorable position. They essentially have McAfee and Symantec to choose from if they go with high profile vendors and of the two Symantec is clearly preferable. It's a "better of two evils" scenario. Personally, I'd look at NOD32 in such a situation.

Score: 0

Two words: Corporate Edition. You do know NAV Corporate Edition costs over 1.5 grand, right? If you don't know, buddy, don't comment. UNIVERSITIES use version 2002, they paid over 3 grand at the time for it--again I don't use Norton or care personally except that the gov. does not need to spend money on this crap...Symantec would be wise for their own sake to fix version 2002, because if Symantec loses universities, they're doomed to an endless downward spiral. Again not that I care, but Symantec certainly should.

Score: 0

As a University admin who uses Symantec Corporate AV, cost is much less of an issue than with many other companies thanks to Symantec's educational pricing. We're paying about £2 per client.

Score: 0
