Jump to content

Google says Symantec antivirus flaws are 'as bad as it gets'


Recommended Posts

Products from Symantec that are supposed to protect users have made them much more open to attack, according to Google. Researcher Tavis Ormandy has spotted numerous vulnerabilities in 25 Norton and Symantec products that are "as bad as it gets," he says. "Just emailing a file to a victim or sending them a link to an exploit is enough to trigger it -- the victim does not need to open the file or interact with it in any way." Symantec has already published fixes for the exploits, so users would do well to install them immediately.

Google's Project Zero team searches for "zero-day" code flaws and gives companies 90 days (plus a two week grace period) to fix them. In this case, Ormandy published the blog post shortly after Symantec pushed the fixes, saying the antivirus company did resolve the bugs "quickly."

However, he excoriated Symantec for the danger of the errors and its incompetence in allowing them. In one case, he found a buffer overflow flaw in the company's "unpacker," which searches for hidden trojans and worms. "Because no interaction is necessary to exploit it, this is a wormable vulnerability with potentially devastating consequences," he says. "An attacker could easily compromise an entire enterprise fleet." He added that the unpackers have kernel access, which is "maybe not the best idea."

View the full article

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...