Security researchers at eEye Digital Security have discovered a serious flaw in Symantec's enterprise antivirus software that could be used by hackers to create a self-replicating 'worm' attack against Symantec users. Because Symantec has not yet confirmed the existence of the problem, much less patched it, eEye is offering few details on the vulnerability, which was first disclosed late on Wednesday.

Indian antivirus vendor AvSoft Technologies' website is being used by hackers to install malicious software on visitors' computers, researchers said yesterday. According to Roger Thompson, chief research officer with security vendor AVG, the download section of AvSoft's S-cop website hosts the malicious code: "They let one of their pages get hit by an iFrame injection. It shows that anyone can be a victim.

In our recent reader poll asking how often you update your antivirus and security software you gave a chilling reply - only one in five voters said they updated their software daily. According to one antivirus expert, daily updates are essential to a healthy system. But he added that times have moved on from the days when simple regular updates will save you from virus exposure.

Microsoft plans to release a test version of a new Internet Explorer browser by the middle of the year. The company says the update should better protects users from scams and malicious code while surfing the web.

Microsoft is readying a new consumer security product that offers virus and spyware protection, a firewall and several tune-up tools for Windows PCs. The move will pit the software giant squarely against traditional security software vendors.

A consumer magazine has been condemned for possibly adding to the virus problem by creating a series of 'test' viruses just to review antivirus scanners. In an act that has long been considered technical taboo, US consumer affairs organisation, ConsumerReports.org, decided to generate 5,500 'test' viruses to run, under lab conditions, against 12 leading antivirus software products.

A problem with an update to Microsoft's Windows AntiSpyware program last week caused it to recommend disabling two Symantec antivirus programs. Microsoft has now fixed the problem, it said today. The problem was rooted in a signature update for Windows AntiSpyware Beta 1.0 released late on Thursday night, Microsoft said. The signature flagged a registry key for Symantec's AntiVirus Corporate Edition versions 7.0, 8.0, 9.0, 10.0 and Client Security versions 1.0, 2.0, or 3.0 as a password stealer called PWS.Bancos.A.

Antivirus software may be getting easier and at least two products can't get cheaper. Computer Associates International on Tuesday released free antivirus software that the company says doesn't need to be updated with every new virus that appears. Designed for home PC users, Mail Watcher and eTrust Content Inspection Personal Edition can be downloaded at Computer Associates' Web site, says Simon Perry, CA vice president of security solutions.

Three malicious programs are hitting certain mobile phones, antivirus companies have warned. The Trojan Horses, or programs that are disguised as legitimate applications, spread via Bluetooth or multimedia messages and can affect phones running the Symbian operating system. The infection rate so far from the malware is low, Symantec reported in threat warnings issued last week.

Kaspersky Lab has released a beta version of mobile antivirus software for smartphones using the Symbian OS, it announced last week. The product, called Kaspersky Anti-Virus Mobile 2.0, can stop suspicious programs before they infect the phone and scan devices for malicious software, the company said.