I've yet to see any REALLY decent coverage of this debacle.
Symantec releases a 'patch' and doesn't SIGN it? (and that gets through QA how?)....
"Symantec said Tuesday that an unsigned patch released by the company had been used as an excuse for spammers to launch a disinformation campaign about the company.
On March 9, Symantec released a patch labeled "PIFTS.exe" between 4:30 PM and 7:30 PM Pacific time, that was a legitimate upgrade for both Norton Internet Security as well as Norton Antivirus 2006 and 2007. By mistake, Symantec said, the patch was not digitally signed, leading Symantec's own products to flag the patch as possible malware. ...
Symantec apparently exacerbated the situation by removing what it called spam posts, leaving others to wonder whether Syamtec was censoring an issue that would have hurt the company's reputation."
Then when firewalls go off, users post about it, and Symantec deletes their posts. They later claim hackers from the likes of 4chan (which was ablaze with speculation about it) spammed their boards like crazy with it, so they had to scrub the boards.
BAD GUYS get hold of it, and quickly the top search results on pifts.exe give folks viruses.
Rumors fly it is it accessing a server in Africa. Not exactly true, more like one in Arlington?
Symantec says everything is fine, it is harmless.
But people had already started analyzing it. It looks a wee bit like spyware.
But all is fine, because Symantec says it is. It is all just a disinformation campaign against them. Please go back to what you were doing.
But..that's ignoring the fact that it is just all...so...bizarre...