Symantec responds to PIFTS.exe controversy

News by Dan Raywood

Symantec has responded to criticism over the PIFTS.exe patch that was issued yesterday.

Symantec has responded to criticism over the PIFTS.exe patch that was issued yesterday.


In a statement, the company claimed that the diagnostic patch was released to target Norton Internet Security and Norton Antivirus 2006 and 2007 and was released for approximately three hours between 11:30pm and 2:40am on the evening of 9th March.


The company claimed: “In a case of human error, the patch was released by Symantec ‘unsigned', which caused the firewall user prompt for this file to access the internet. The firewall alert for the patch caused understandable concern for users and began to be reported back to Symantec.


“Releasing a patch unsigned is an extremely rare occurrence that does not pose any security issues to our users. The patch reached a limited number of Norton customers and has subsequently been pulled from further distribution. Norton users are fully protected and do not need to take any action as a result of this issue.”


The company also claimed that its Norton User Forum boards ‘were being abused by an individual or individuals', with one creating a new user account and posting about PIFTS.exe. Within minutes, several dozen new user accounts were created and the users began commenting on the initial thread, and/or creating new threads on the topic.


Symantec said: “Over the next few hours, over 200 user accounts were created. Within the first hour there were 600 new posts on this subject alone. While the intent of the spammer(s) remains unclear, there were no malicious links and it simply resulted in a widespread communications challenge for Symantec.”


The ‘forum spam' posts contained no text in the body of the message, simply a subject which included the likes of ‘o lawd in chokin on Pifts plz halp'; ‘Oh God you got chocolate in my Pifts' and ‘If you wanna be my Norton/ you gotta deal with my Pifts.exe'.


Believing that the posts were in violation of its community terms of service, Symantec removed the spam posts.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews