Experts warn of Rinbot virus striking Symantec
By Rene Millman
Posted on 2 Mar 2007 at 17:09
Experts have lambasted companies for not applying patches that have been available for six months to vulnerable security applications.
The Rinbot virus has spread around the globe infected computer systems by using flaws in Symantec anti-virus products with one of the most high-profile victims of the virus so far being CNN. The news organisation confirmed that the malware took its systems offline on Thursday.
According to reports from CNN, a hacker with a grudge against Symantec is said to be responsible for distributing the code. The code then spreads within a network turning computers into part of a botnet.
But experts said that there were no excuses for businesses not to get systems patched against these types of infections earlier.
'The fact that a patch has been available for this vulnerability for over six months demonstrates that businesses have yet to get to grips with ensuring that all their IT systems have the latest protection,' said Alan Bentley, Managing Director of PatchLink EMEA.
'Considering that computer hackers are a continuous threat to businesses, it is quite astonishing that this hole has been left unprotected for so long.'
Bentley said that once a security patch was announced by a security vendor this acted 'like a red rag to a bull'.
'Security hackers now have the opportunity to reverse engineer the security code that has been published, which enables then to write a computer virus to exploit the hole in the network,' he said.
Bentley added that any organisation holding consumer data will need to apply the relevant security patch to mitigate this risk. 'They can simply not ignore it - if a bank or retail organisation's network is found to have been exploited as a result of not patching against a known exploit, its consumer confidence will be profoundly damaged,' he said.
He said that for compliance reasons, companies will need to prove that the application of this patch was successful, 'in order to ensure that they are not exposed to potential legal ramifications and damaged reputation, if their network is ever infiltrated.'
From around the web
advertisement
- Chrome's shine getting lost in translation
- BytePac: the cardboard hard disk enclosure
- How tech loosens our grip on reality
- Hokum watch: Safer Internet Day
- Why I'm deleting Adobe from my PC
- Prepare to be patronised: it's Safer Internet Day
- Dear Sony, Samsung and every other tech company in the world: stop trying to be Apple
- Will Apple's Final Cut Pro X update placate the pros?
- Smartr Contacts for iPhone review
- Switching to Office 365's Outlook Web App
- Paying for your crimes with Bitcoin
- Pavement hacking: What it is and how to avoid it
- Google's risky pre-loaded pages
- Mac under attack: how secure is Apple's OS?
- Has your browser been hijacked?
- Can you send a truly anonymous email?
- Is it safe to send bank details over email?
- Sainsbury's Bank bans password storage
- MobileMe triggers credit card blocks
- How to stay safe against session hijacking
advertisement
Printed from www.pcpro.co.uk