Jump to content

Search the Community

Showing results for tags 'symantec'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Lunarsoft Related
    • Announcements
    • Lunarsoft Discussion & Issues
    • Backpage News
  • Lunar Lounge
    • General Discussion
    • Gamer's Hangout
    • Media Hub
    • Introduce Yourself
  • Technical Discussion
    • Software
    • Hardware
    • Smart Home
    • Malware Prevention & Security
    • Malware Removal
  • Microsoft Windows Support
    • Windows 11
    • Windows 10
    • Microsoft Office
  • Member Projects
    • Anti-Malware Toolkit
  • Archives
    • Read Only Archives

Calendars

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Location


Website URL


Interests

Found 2 results

  1. Symantec has warned customers that security flaws in the firm's systems outed by Google's Project Zero last month won't be fixed until mid-July. Patches were rushed out to cover some of the "as bad as it gets" flaws identified by Project Zero, but patches to secure the fundamental architectural flaws are still some weeks away. The cloud-based versions of Symantec's Endpoint Protection Small Business Edition will finally be updated this week, but users of the workstation versions will have to wait weeks. Symantec has promised updates "by mid-July" and recommended that customers apply them as a matter of urgency, but in the meantime Symantec's systems remain vulnerable. Project Zero publicized the flaws found in Symantec's Norton Antivirus products last week, after uncovering them in May and reporting them to Symantec. View the full article
  2. Products from Symantec that are supposed to protect users have made them much more open to attack, according to Google. Researcher Tavis Ormandy has spotted numerous vulnerabilities in 25 Norton and Symantec products that are "as bad as it gets," he says. "Just emailing a file to a victim or sending them a link to an exploit is enough to trigger it -- the victim does not need to open the file or interact with it in any way." Symantec has already published fixes for the exploits, so users would do well to install them immediately. Google's Project Zero team searches for "zero-day" code flaws and gives companies 90 days (plus a two week grace period) to fix them. In this case, Ormandy published the blog post shortly after Symantec pushed the fixes, saying the antivirus company did resolve the bugs "quickly." However, he excoriated Symantec for the danger of the errors and its incompetence in allowing them. In one case, he found a buffer overflow flaw in the company's "unpacker," which searches for hidden trojans and worms. "Because no interaction is necessary to exploit it, this is a wormable vulnerability with potentially devastating consequences," he says. "An attacker could easily compromise an entire enterprise fleet." He added that the unpackers have kernel access, which is "maybe not the best idea." View the full article
×
×
  • Create New...