Norton And Symantec Users: Act Now! Viruses Likely, Google Finds

Posted: Jun 29 2016, 8:00am CDT | by , in News | Technology News


Norton and Symantec Users: Act Now! Viruses Likely, Google Finds
Photo Credit: Getty Images

Products from the Symantec company has supposed to protect users from viruses, malware, and other blights that come from using the computer. According to Google, the opposite actually happened. Researcher Travis Ormandy found that there were so many vulnerabilities in 25 Norton and Symantec products that are "as bad as it gets," he says. "Just emailing a file to a victim or sending them a link to an exploit is enough to trigger it -- the victim does not need to open the file or interact with it in any way."

Symantec has already come up with fixes for the problems that were found, so you will want to install those immediately to keep yourself safe.

Google's Project Zero team searches for "zero-day" code laws that gives companies 90 days to fix them. In this particular case, Symantec did really work quickly to solve the problem. Ormandy outlined everything in his blog post, giving credit to the company for working so hard.

But he did call out Symantec for the dangers of what happened and the incompetence of the company for allowing them in. He found a flaw in the company's "unpacker" which is what searches for worms and any hidden trojans.

"Because no interaction is necessary to exploit it, this is a wormable vulnerability with potentially devastating consequences," he says. "An attacker could easily compromise an entire enterprise fleet." He also remarked that any unpackers have kernel access, which is "maybe not the best idea."

He built and released his own fix to help Symantec develop something quickly. He calls it a "100 percent reliable exploit, effective against the default configuration in Norton Antivirus and Symantec Endpoint [and] exploitable just from email or the web."

His harshest criticism came for Symantec's vulnerability management. That program is supposed to check for published flaws and ensure open-source updates. "Symantec dropped the ball here. A quick look at the decomposer library shipped by Symantec showed that they were using code derived from open source libraries ... but hadn't updated them in at least 7 years."

The problem really is that Symantec hasn't updated their code in at least seven years!

Symantec isn't the only company that has issues, as McAfee, Trend Micro, and others have been flagged. In fact, Ormandy questioned whether or not getting antivirus is smart at all, calling it "a significant tradeoff in terms of increasing [the] attack surface."

This bug affects Norton Antivirus on Mac and Windows as well as many other Symantec products. Most of the fixes have already been rolled out and, in most cases, you'll automatically get an update. Still, "some of these products cannot be automatically updated, and administrators must take immediate action to protect their networks."

You May Like


The Author

<a href="/latest_stories/all/all/46" rel="author">Noel Diem</a>
Noel passion is to write about geek culture.




Leave a Comment

Share this Story

Follow Us
Follow I4U News on Twitter
Follow I4U News on Facebook

You Also Like


Read the Latest from I4U News