Oh, here's the article text for anyone who would rather not click on
the link (sorry, I should have know better) --
Google's Project Zero team has discovered a heap of critical
vulnerabilities in Symantec and Norton security products. The flaws,
the team says, allow hackers to completely compromise people's
machines by simply sending them malicious self-replicating code
through unopened emails or un-clicked links. According to a Fortune
report, the vulnerabilities affect millions of people who run the
company's endpoint security and antivirus software -- all 17
enterprise products (Symantec brand) and eight consumer and small
business products (Norton brand). Dan Goodin, reporting for Ars
Technica:
'The flaws reside in the engine the products use to reverse the
compression tools malware developers use to conceal their malicious
payloads. The unpackers work by parsing code contained in files before
they're allowed to be downloaded or executed. Because Symantec runs
the unpackers directly in the operating system kernel, errors can
allow attackers to gain complete control over the vulnerable machine.
Tavis Ormandy, a researcher with Google's Project Zero, said a better
design would be for unpackers to run in a security "sandbox," which
isolates untrusted code from sensitive parts of an operating system.'
At Wed 29 Jun 2016 10:55:27 AM EDT, David McFarlane wrote:
> This just in from Slashdot:
>
> https://it.slashdot.org/story/16/06/29/1032210/google-found-disastrous-symantec-and-norton-vulnerabilities-that-are-as-bad-as-it-gets
>
> How does this affect us?
>
> -- dkm
|