Shaun Cassells at MyITForum.com

Symantec Antivirus Client Security Flaw – GRC.Dat is unencrypted clear text

I was poking around the corporate Symantec client when I noticed the GRC.dat files are in easy to read clear text. 

They are consumed quickly in a directory where only those with elevated rights can enter.  However, the dat file being in clear text means any curious scripter could seriously modify the client.  For example, setting up a bunk DAT file to move the host parent server to yours… http://www.jacksontechnical.com/article.htm?id=13

Let your mind wander.  Then come back and tell me how you mitigated this vector. 

References: 

• A guide to the Grc.dat file in Symantec AntiVirus Corporate Edition version 10.x
• http://service1.symantec.com/support/ent-security.nsf/docid/2005041910541048?Open&src=tranus_ent_br