Intel and Symantec plan to release a firmware-based PC security product in the first half of 2007 to stop hackers from disabling virus shields. This "virtual security solution" will run beneath the OS of a PC using Intel\u2019s vPro business bundle, such as Hewlett-Packard\u2019s Compaq dc7700 or Lenovo Group\u2019s ThinkCentre M55p desktops.The product could help to slow the trend of viruses and malware attacks that succeed only because the target PC has already lowered its defenses, either because of a well-meaning user or a malicious earlier hack, said Leo Cohen, vice president of the security technology group at Symantec."The trend is for the disabling or misconfiguring of security safeguards, so we will move security out of the user and operator environment," he said Wednesday at the Intel Developer Forum in San Francisco."This is something Symantec takes seriously: How do you make your security solutions tamper-resistant? We\u2019re working with Intel to put security in the hardware, in the firmware," Cohen said.Security experts increasingly say that a PC\u2019s biggest weakness is its own user, not a faulty firewall or defective virus shield. No matter how much security policies and tools improve, they are worthless unless they\u2019re enforced by the IT department, said Malcolm Harkins, general manager of Intel\u2019s information risk and security division.The HP spy scandal has shown how easy it is for hackers to use "social engineering" tactics to breach defenses, whether they are obtaining private phone records by pretending to be account holders, or planting tracking software on a reporter\u2019s PC by embedding it in an e-mail with a fake news tip.Likewise, companies have learned from battling viruses like Code Red, Slammer and Nimda to use networked controls to push patches out to 95 percent of their PCs immediately. But they could spend just as much time and money patching the last 5 percent, and they can\u2019t rely on users to apply the updates themselves, Harkins said."If you\u2019re using real-time antivirus, desktop firewall, data encryption and weekly hard drive scans, that could slow your system, so some end users will turn that off," said Harkins."People say the perimeter is vanishing, with extranets and mobile computing. But it\u2019s not vanishing; it\u2019s just just shifted to the people, and they can forget to update their antivirus or talk too loudly on a cell phone in an airport. If you ignore that component, that\u2019s going to be the thing that gets you every time."Indeed, IT administrators say that 28 percent of malicious attacks work because of compromised security, according to an August survey commissioned by Symantec. Whether that security is misconfigured because of employees, poorly written OS and application patches, or hackers themselves, the trend is increasing, the survey said.-Ben Ames, IDG News Service (Boston Bureau)\n\nIntel \u2018Quad-Core\u2019 Chip to Ship in Nov.\n\nSymantec: Home Surfers Increasingly Targeted by HackersCheck out our CIO News Alerts and Tech Informer pages for more updated news coverage.