Norton Symantec is one of the world’s most trusted anti-virus software programs. However, Google’s Project Zero team, a group of computer security analysts whose goal is to hunt for computer bugs, recently discovered critical vulnerabilities in the whole range of Norton and Symantec anti-virus products, leaving millions of people around the world open to attack. These flaws allow hackers to easily compromise computers simply by sending people an email containing malicious self-replicating code, which affects computers even if the recipient does not open the email or click on any links.
Tavis Ormandy, who is part of Google’s Project Zero team, wrote, “These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible.”
“On Linux, Mac and other UNIX platforms, this results in a clean heap overflow as root in the Symantec or Norton process. On Windows, this results in kernel memory corruption.
“Because Symantec uses a filter driver to intercept all system I/O, just emailing a file to a victim or sending them a link to an exploit is enough to trigger it – the victim does not need to open the file or interact with it in any way. Because no interaction is necessary to exploit it, this is a wormable vulnerability with potentially devastating consequences to Norton and Symantec customers.”
This has serious consequences for both home and business users. An attacker could easily compromise even an enterprise’s entire computer network. Ormandy advises network administrators to seriously consider this scenario when deciding to deploy an anti-virus product.
Norton Symantec has now issued automated and manual fixes for this issue. You can find more about it here. As part of best practices, Norton Symantec recommends a multi-layered approach to computer and internet security to provide a more comprehensive approach to cyber threats.