Critical security vulnerabilities have been found within Symantec and Norton products are "as bad as they get," according to security researchers.
On Tuesday, Google's bug-hunting Project Zero team disclosed multiple critical flaws found within Symantec's core engine, used as the backbone of both consumer and enterprise security products.
According to the tech giant, the use of Symantec's core engine across its full product line, alongside Norton-branded products, has the potential to cause devastation for consumers and the enterprise alike.
No user interaction is required to exploit this issue as just "emailing a file to a victim or sending them a link to an exploit is enough to trigger it," according to Ormandy.
In addition, a "100 percent reliable" critical return-oriented programming (ROP) exploit can also be used against the core engine to damage versions of Symantec software on all platforms, affecting software with default configuration in Norton Antivirus and Symantec Endpoint. This issue is also exploitable just from email or the web.
Symantec posted an advisory confirming the existence of these vulnerabilities but insists the firm is not aware of any exploits in the wild leveraging the flaws.
Fixes have been included in product updates, and "additional checks" have been added to the vendor's security cycle systems to prevent this happening again.
The tale of woe isn't finished there. Some of these products cannot be automatically updated, and so administrators need to check product update processes and take action now to prevent these security flaws being exploited.
Security Advisories Relating to Symantec Products - Symantec Decomposer Engine Multiple Parsing Vulnerabilities - 2016-06-28T00:03:00 PDT | Symantec
On Tuesday, Google's bug-hunting Project Zero team disclosed multiple critical flaws found within Symantec's core engine, used as the backbone of both consumer and enterprise security products.
According to the tech giant, the use of Symantec's core engine across its full product line, alongside Norton-branded products, has the potential to cause devastation for consumers and the enterprise alike.
No user interaction is required to exploit this issue as just "emailing a file to a victim or sending them a link to an exploit is enough to trigger it," according to Ormandy.
In addition, a "100 percent reliable" critical return-oriented programming (ROP) exploit can also be used against the core engine to damage versions of Symantec software on all platforms, affecting software with default configuration in Norton Antivirus and Symantec Endpoint. This issue is also exploitable just from email or the web.
Symantec posted an advisory confirming the existence of these vulnerabilities but insists the firm is not aware of any exploits in the wild leveraging the flaws.
Fixes have been included in product updates, and "additional checks" have been added to the vendor's security cycle systems to prevent this happening again.
The tale of woe isn't finished there. Some of these products cannot be automatically updated, and so administrators need to check product update processes and take action now to prevent these security flaws being exploited.
Security Advisories Relating to Symantec Products - Symantec Decomposer Engine Multiple Parsing Vulnerabilities - 2016-06-28T00:03:00 PDT | Symantec