Anonymous Symantec patch gets firewalls on the alert
And where did my forum post go?
Published: 11 March 2009 12:03 GMT by Elinor Mills
Show related articlesSymantec released a patch for some of its older Norton products on Monday night that did not identify its origin, and therefore triggered alerts on user firewalls, the company said Tuesday.
The patch for 2006 and 2007 versions of Norton Internet Security and Norton Antivirus, a program dubbed "PFST.exe", was distributed to collect anonymous statistics on matters such as how many computers are using the products and what operating system they are running, Jeff Kyle, group product manager for Symantec consumer products, said Tuesday.
Because it was unsigned - a result of human error - firewalls started prompting users with messages asking them if they trust the patch, Kyle said. Of course, because the patch had no signature indicating it was from Symantec, users didn't know whether to trust it and many of them went to the Norton user forum for answers.
The company pulled the patch after three hours and then after started deleting forum posts related to the matter. The company was not censoring the posts but fighting off a spam attack, according to Kyle.
"At the same time we were pulling down the patch a spammer created a new account on our forum and minutes after that there were 200 new users all targeting the same thread," he said. "Within the first hour there were like 600 posts to that thread. Obviously it was a bot creating this."
"There is no conspiracy theory. There's nothing we are hiding at all," Kyle added.
Meanwhile, Kyle said he isn't sure if or when Symantec will redistribute the patch, but if it does, he said, it will be signed.
Symantec has more information on its message board site.
Reader Comments (0)