Just read this on SANS.

This is something very interesting :

Symantec was notified of this vulnerability on January 17, 2006.
They acknowledged the vulnerability, then provided us with a
fixed version. Rapid7's advisory was publicly released on April 21,
and Symantec HAS released a fix for its platinum customers TODAY and we thought microsoft was slow.

Here is more in the vulnerability :