Security flaw in Symantec and Norton Antivirus “as bad as it gets” – millions of users left exposed


If you use Symantec or Norton antivirus software then you need to read this.

Users of some of the best known online security tools are being warned that their antivirus software may have been hacked.

The news comes after a Google security researcher revealed that he found a series of high severity vulnerabilities in both commercial and consumer products from antivirus software firm Symantec, which hackers could easily exploit to take control of computers.

The vulnerabilities were discovered by Tavis Ormandy, a security researcher from the Project Zero team at Google, whose job it is to highlight flaws and the poor state of antivirus software.

Writing on the official Project Zero blog, Ormandy described the vulnerabilities as “as bad as it gets” after discovering 25 flaws that are affecting Symantec and Norton products.

“These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible.

“In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.”

Worst affected are Norton Antivirus for both Windows and Mac, including Norton 360, as well as a wide range of Symantec products such as Endpoint, Email Security and Protection Engine.

Ormandy describes the flaw as a “wormable vulnerability with potentially devastating consequences to Norton and Symantec customers,” and says that simply emailing a file to someone or sending them a link could be enough to spread the malware if it has already infected your computer.

Symantec has since said that it is aware of the problem and has issued security patches, the full details of which can be found here.

The security patches should update automatically, especially for anyone running a Norton Antivirus product, although some of the patches for enterprise users need to be installed by an administrator.

Ormandy claimed that the flaws were made possible because Symantec fell well short when it came to security protection on their own software.

Ormandy also claimed that in some cases Symantec had used the same code, taken from open source libraries, for more than seven years, having failed to apply the necessary security and bug patches in all that time.

