Symantec suffers from a flaw that lets hackers seize control of computers to steal sensitive data, delete files or implant malicious programs. Researchers from
eEye Digital Security discovered the vulnerability and provided evidence to Symantec engineers this week, said eEye's chief hacking officer, Marc Maiffret. "This is definitely wormable. Once exploited, you get a command shell that gives
you complete access to the machine. You can remove, edit or destroy files at
will," said eEye Digital Security spokesperson Mike Puterbaugh. Symantec said it
was investigating the issue but could not immediately corroborate the
vulnerability.
Update(May29):Symantec now released
updates for the products containing the flaw.