Google's Project Zero team finds multiple critical flaws affecting Symantec's entire product line

By Shawn Knight · 9 replies
Jun 29, 2016
Post New Reply
  1. Google’s Project Zero team set out in 2014 to help make the Internet a safer place by searching for vulnerabilities in third-party software that could be used to conduct a cyber attack. The division recently struck gold, if you will, as it discovered multiple critical vulnerabilities affecting Symantec’s entire product line.

    Security researcher Tavis Ormandy outlined the issues in a recent post on the Project Zero blog, describing the vulnerabilities as being as bad as it gets. That’s because they don’t require any user interaction, affect the default configuration and the software runs at the highest privilege levels possible.

    In certain scenarios on Windows, vulnerable code is even loaded into the kernel which Ormandy said results in remote kernel memory corruption.

    Ormandy notes that since Symantec uses the same core engine across its entire line, all Symantec and Norton branded antivirus products are affected including:

    • Norton Security, Norton 360, and other legacy Norton products (All Platforms)
    • Symantec Endpoint Protection (All Versions, All Platforms)
    • Symantec Email Security (All Platforms)
    • Symantec Protection Engine (All Platforms)
    • Symantec Protection for SharePoint Servers
    • And so on.

    The researcher described a few of the many vulnerabilities they found. He took Symantec to task for its poor vulnerability management, noting that a quick look at the decomposer library showed they were using code derived from open source libraries that hadn’t been updated in at least seven years.

    Ormandy did praise Symantec for its help in resolving the bugs so quickly. Google gives companies 90 days from the time of private disclosure before going public with vulnerabilities it finds.

    That said, if you’re running any Symantec or Norton product, you’ll want to update it ASAP.

    Image courtesy Tony Avelar, Getty Images

    Permalink to story.

  2. lripplinger

    lripplinger TS Addict Posts: 283   +98

    If you are running Symantec garbage, you are a born sucker to begin with.
    Reehahs likes this.
  3. Uncle Al

    Uncle Al TS Evangelist Posts: 3,321   +1,970

    Ain't that the truth!!!!
  4. DJMIKE25

    DJMIKE25 TS Addict Posts: 174   +68

    While I agree that the Norton product line is full of terrible performance hogging software, we use Symantec Cloud and Endpoint protection at many of our clients offices. It has been a great product thus far, though we have been switching everyone over recently to Kaspersky Endpoint, because it is a far superior product.
  5. wayne1486

    wayne1486 TS Rookie

    I haven't use this antivirus in years didn't know people still use it as much
  6. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 8,647   +3,274

    "That said, if you're running any Symantec or Norton product, you’ll want to update it ASAP.
    That said, if you're running any Symantec or Norton product... Why the hell are you! Do you like torturing yourself and wasting money?
  7. mbrowne5061

    mbrowne5061 TS Evangelist Posts: 747   +357

    Symantec is pretty solid for corporate customers, but switching to something like Kaspersky wouldn't be an option for Defense contractors (Russian software). I'm sure more than a few U.S. defense companies are panicking right now.
    DJMIKE25 likes this.
  8. DJMIKE25

    DJMIKE25 TS Addict Posts: 174   +68

    True, I'm sure it is a bit worrisome. Despite that it is a solid product. The management tools are superior to Symantec Endpoint Manager and cloud by a longshot.
  9. mbrowne5061

    mbrowne5061 TS Evangelist Posts: 747   +357

    Oh, yeah. Agreed 100%. But there is now a fairly valuable segment of the market that desperately needs a new solution quickly. It will be interesting to see if Symantec can get their act together in time, or if a new player will sweep in and steal the customers.
    DJMIKE25 likes this.
  10. DJMIKE25

    DJMIKE25 TS Addict Posts: 174   +68

    We can only hope.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...