A Symantec security flaw discovered by an independent security consultant is unlikely to be exploited despite its rating as a high risk by Symantec itself and a very high risk by security firm Secunia Latest News about Secunia, said Forrester Research senior analyst Michael Gavin.
The vulnerability, which could allow a hacker to take control of a machine during decompression of RAR files — a file format commonly used for storage of large video or audio files — is very similar to another one discovered by security consultant Alex Wheeler in February.
The new vulnerability in the Symantec software is so huge, that you don’t even have to do anything for it to be exploited. This was discovered by Forrester Research. All a person needs to do to exploit this is create a RAR file and put it on a machine running the Symantec software. This effects both the Windows and Mac versions of the software. There is no 100% patch for the vulnerability yet, so the recommendation is that you turn off RAR scanning.
