Symantec Patch Alarms Users, Attracts Malware Spreaders
Article by George Norman
On 11 Mar 2009
Earlier this week, security software developer Symantec issued a diagnostic patch for Norton Internet Security and Norton Antivirus, the 2006 and 2007 versions. The patch, entitled “PIFST.exe” (short for Product Information Framework Trouble Shooter), was meant to collect such info as what operating system Norton Antivirus and Norton Internet Security users have running on their machines, but since it was not signed, it was blocked by the users’ firewalls.

This would not have been a problem if the patch would have been able to properly identify itself as originating from Symantec. The user found himself getting a firewall notification asking him if he trusts PIFST.exe; what else was he to do but deny it access, since there was no means of telling if it genuinely originates from Symantec. Looking for answers, a large number of users then turned to Norton forums for answers.


And things only got worse from there on; as people were posting all sorts of speculations on PIFST.exe, Symantec pulled the patch. This lead to further speculation, especially since Symantec deleted some of the posts. Think of it a as a snowball effect that only got bigger and bigger as time went by.

Symantec came out to announce that the unsigned patch was indeed released by them, and the reason it was not signed was due to human error. Regarding the deleted posts, these were apparently the result of a spam attack; the messages were posted by a bot, not a user. Jeff Kyle, group product manager for Symantec consumer products commented:

“One individual created a new user account and posted about the name of the patch executable, PIFTS.exe. Within minutes, several dozen user accounts were created commenting on the initial thread, and/or creating new threads on the topic. Over the next few hours, over 200 user accounts were created. Within the first hour there were 600 new posts on this subject alone. While the intent of the spammer(s) remains unclear, there were no malicious links and it simply resulted in a widespread communications challenge for Symantec. There is no conspiracy theory. There's nothing we are hiding at all.”

It has also come to light that malware spreaders are taking advantage of this situation by poisoning search engines – if you search for PIFTS.exe on Google for example, in an attempt to find more info on the matter, some of the search results will lead you to malware spreading sites.

Tags: Symantec, Norton Antivirus, Norton Internet Security, PIFTS
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Symantec Patch Alarms Users, Attracts Malware Spreaders
HTML Linking Code