Critical Flaw In Symantec Firewall Products

eEye Digital Security discovered multiple vulnerabilities in Symantec firewall products a short while ago. Secunia re-released their Security Advisory for this vulnerability this week bumping the criticality up to extreme. They state that one of the vulnerabilities is very similar to the flaw in the ISS BlackIce firewall that was recently exploited by the Witty worm, essentially making the Symantec firewall products relatively easy to exploit via a worm as well. A patch is available from Symantec through LiveUpdate. Symantec recommends that users manually run LiveUpdate on their products to be absolutely sure the update has been applied. For more information look at the details in Secunia Advisories - May 13, 2004.