Google Found Disastrous Symantec and Norton Vulnerabilities That Are 'As Bad As It Gets'


Google Found Disastrous Symantec and Norton Vulnerabilities That Are 'As Bad As It Gets' Google’s “project zero” team, a group of security analysts tasked with hunting for computer bugs, discovered a heap of critical vulnerabilities in Symantec and Norton security products. The flaws allow hackers to completely compromise people’s machines simply by sending them malicious self-replicating code through unopened emails or un-clicked links. The vulnerabilities affect millions of people who run the company’s endpoint security and antivirus software, rather ironically to protect their devices. Indeed, the flaws rendered all 17 enterprise products (Symantec brand) and eight consumer and small business products (Norton brand) open to attack. Ormandy further demonstrated that the flaws can be exploited to propagate computer worms, meaning virally infectious malware. “Just emailing a file to a victim or sending them a link to an exploit is enough to trigger it,” he says, “the victim does not need to open the file or interact with it in anyway.” See http://ift.tt/28ZrhuM

Comments