On March 9, 2009, users of Norton AntiVirus started experiencing a firewall warning that a Norton-associated file called PIFTS.exe was trying to connect to the Internet. Rumours have circulated that this application is spyware. Norton deleted posts about this program on their forums and wouldn't answer questions about it over the phone. The SANS Internet Storm Center claimed to have spoken to a Symantec employee who has confirmed that "the program is theirs, part of the update process and not intended to do harm". Antivirus company Sophos also released a statement supporting Symatec's assertion that PIFTS.exe was not malware. On March 10, Symantec made an official response to the PIFTS.exe incident, claiming that posts in the support forum were deleted due to a massive spam attack. The Washington Post subsequently updated their article<ref name=Krebs2009 /> with information from Dave Cole, senior director of product management at Symantec, who said that the purpose of the update was to help determine how many customers would need to be migrated to newer versions of its software as more Windows users upgrade to Windows 7.
|