Symantec endpoint zero-day unpatched for months

Danielx64

Level 10
Thread author
Verified
Well-known
Mar 24, 2017
481
A vulnerability in Symantec endpoint clients remains unpatched months after disclosure, according to security researchers.

The zero-day bug affects a kernel driver in two Symantec products: Symantec Encryption Desktop suite version 10.4.1 MP2HF1 (Build 777) and earlier, module PGPwded.sys, and Symantec Endpoint Encryption version 11.1.3 MP1 (Build 810) and earlier, module eedDiskEncryptionDriver.sys.

The vulnerability allows an attacker to attain arbitrary hard disk read and write access at sector level, and subsequently infect the target and gain low-level persistence (MBR/VBR). It also allows the attacker to execute code in the context of the built-in SYSTEM user account, without requiring a reboot.

Not sure how many of you use those products but I thought that I would share this. Not good to hear about this from a security business.
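The persistence the advisory text mentions (MBR/VBR) comes down to rewriting boot sectors, which a defender can watch for by baselining them. The following is an added example, not code from the thread, from Symantec or from the researchers: it parses a 512-byte MBR, hashes the boot-code region, and compares a current dump against a trusted baseline so that a change to the boot code, the disk signature or the partition table is reported. The sample sectors are constructed inline; `build_sample_mbr`, `parse_mbr` and `compare_to_baseline` are names chosen for this example.

```python
"""Boot-sector baseline check (added example; constructed sample data)."""
import hashlib
import struct
from dataclasses import dataclass
from typing import Dict, List

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440           # bytes 0..439 hold the boot code in a classic MBR
DISK_SIG_OFFSET = 440         # 4-byte Windows disk signature
PART_TABLE_OFFSET = 446       # four 16-byte partition entries
BOOT_SIGNATURE = b"\x55\xAA"  # bytes 510..511


@dataclass(frozen=True)
class PartitionEntry:
    bootable: bool
    type_id: int
    lba_start: int
    sector_count: int


def parse_mbr(sector: bytes) -> Dict[str, object]:
    """Split an MBR into a boot-code hash, disk signature and partition table."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE}-byte sector, got {len(sector)}")
    if sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature; not a valid MBR")
    partitions: List[PartitionEntry] = []
    for i in range(4):
        off = PART_TABLE_OFFSET + 16 * i
        # status(1) CHS(3) type(1) CHS(3) lba(4) count(4), little-endian
        status, type_id, lba, count = struct.unpack_from("<B3xB3xII", sector, off)
        if type_id != 0:  # type 0 marks an unused slot
            partitions.append(PartitionEntry(status == 0x80, type_id, lba, count))
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", sector, DISK_SIG_OFFSET)[0],
        "partitions": partitions,
    }


def compare_to_baseline(baseline: bytes, current: bytes) -> List[str]:
    """Return findings for a current MBR dump; an empty list means unchanged."""
    base, cur = parse_mbr(baseline), parse_mbr(current)
    findings: List[str] = []
    if base["boot_code_sha256"] != cur["boot_code_sha256"]:
        findings.append("boot code modified")
    if base["disk_signature"] != cur["disk_signature"]:
        findings.append("disk signature changed")
    if base["partitions"] != cur["partitions"]:
        findings.append("partition table modified")
    return findings


def build_sample_mbr(boot_code: bytes) -> bytes:
    """Assemble a constructed MBR with one bootable NTFS-type partition."""
    boot_code = boot_code.ljust(BOOT_CODE_LEN, b"\x00")[:BOOT_CODE_LEN]
    disk_sig = struct.pack("<I", 0x1234ABCD)          # constructed signature
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00" * 3, 0x07, b"\x00" * 3,
                        2048, 1048576)               # LBA 2048, 512 MiB
    table = entry + b"\x00" * 48                      # three empty slots
    return boot_code + disk_sig + b"\x00\x00" + table + BOOT_SIGNATURE


# Constructed "known good" sector and a copy with altered boot-code bytes,
# standing in for a baseline capture and a later dump of the same disk.
CLEAN_MBR = build_sample_mbr(b"\xFA\x33\xC0\x8E\xD0\xBC\x00\x7C")
_tampered = bytearray(CLEAN_MBR)
_tampered[0:8] = b"\x00" * 8
TAMPERED_MBR = bytes(_tampered)


if __name__ == "__main__":
    print("clean vs clean:", compare_to_baseline(CLEAN_MBR, CLEAN_MBR))
    print("clean vs tampered:", compare_to_baseline(CLEAN_MBR, TAMPERED_MBR))
```

In practice the baseline is captured while the host is known good and the current sector is read from the raw disk with administrative rights; a VBR can be monitored the same way by hashing the first sector of each partition listed in the table, since a boot-code change with an unchanged partition table is exactly the pattern that distinguishes tampering from a legitimate repartition.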
 

Deleted member 65228

Those vulnerabilities aren't your average small-time ones, they are quite critical and if abused can cause severe damage. Exploitation of those vulnerabilities could provide an attacker with the opportunity to install a Volume Boot Record based bootkit on the system whilst surpassing Symantec protection and masking the offender due to using Symantec components to perform the operation (strengthening anti-forensics should any real-time logging be going on and monitored by the analysts at the targeted enterprise).

Symantec should have assigned employees to have these vulnerabilities resolved ASAP from the minute they had finished reading the vulnerability submission report, and since it was disclosed by a/multiple security researchers, I should hope that they were rewarded a nice bug bounty for their hard work and patience... Hopefully a big one considering the damage potential as well as both the submissions being critical.

It is disappointing to hear that it took months after disclosure for something critical like that.
 

Deleted member 65228

I'm starting to question if SEPM/SEP is providing the protection that I would think they are. Or rather if any other Symantec products have security issues like this lurking.
The good news is that it was identified by security researchers and not black-hat hackers who have malicious intent and would happily abuse a vulnerability like the ones mentioned above to gain profit illegally. Better late than never, eh!

It really is a shame though, I cannot say I'm not disappointed. I think they should have had it on high priority to fix those vulnerabilities ASAP, not months afterwards. It is possible they were indeed trying to solve it since the submission and it simply took this long to solve it due to it being a tricky one to solve, but it is still a shame.
 

ForgottenSeer 58943

I'm starting to question if SEPM/SEP is providing the protection that I would think they are. Or rather if any other Symantec products have security issues like this lurking.

It does.. Trend Micro had over 200 security vulns after researchers spent some time with it. I was starting to like Norton, but problems started coming up. I was starting to like Trend, then they merged with the CIA... <Le Sigh>
 

Faybert

Level 24
Verified
Top Poster
Well-known
Jan 8, 2017
1,320
That isn't true. Which is why Apple don't turn around saying "Hi mate here's the master key to our encryption, remember the deal? We all get a free hamburger in exchange", instead they fight it and win.
I said 'antivirus'. Obviously there are some companies that still resist in the United States, but antivirus? I do not trust any; evidence is what is not lacking.
 

Deleted member 65228

I said 'antivirus'. Obviously there are some companies that still resist in the United States, but antivirus? I do not trust any; evidence is what is not lacking.
Feel free to share the evidence. I see government agencies hacking into AV vendors' systems more than AV vendors willingly giving governments full access.

I'd rather trust a US-based AV than one from China. Regardless, no matter where you go, the government agencies will demand data and find a way to get it. If you use an AV from a vendor in the UK then you have GCHQ; in the US you have the NSA/FBI/CIA; in North Korea you'll have their government; same for Germany and everywhere else.

All the government agencies probably spy to an extent. Some of the best researchers will be in both the US and China, and anywhere else the government may be questionable.
 

ForgottenSeer 58943

That isn't true. Which is why Apple don't turn around saying "Hi mate here's the master key to our encryption, remember the deal? We all get a free hamburger in exchange", instead they fight it and win.

People believe Apple's smoke and mirror responses to US Intel as reported in the media? Pfft.. Apple does that for publicity, nobody in their right mind would believe they mean it.. I mean, that is if you believe the MacOS Root bypass was a 'bug'. Apple was also first in line for Prism.

NSA leaker Edward Snowden refuses to use Apple's iPhone over spying concerns - report
 

Deleted member 65228

@ForgottenSeer 58943 Hmmmm well I do understand where you both are coming from, I am no fan of the US government either because I've seen a lot of WikiLeaks... But I just don't see the point in strictly disliking the US for trust when a lot of countries are probably the same and maybe haven't been exposed as badly yet. All countries are likely to have surveillance on people in some form and regularly request data, nothing you can do about it... The US is no better than Russia and vice versa for other countries IMO
 

ForgottenSeer 58943

@ForgottenSeer 58943 Hmmmm well I do understand where you both are coming from, I am no fan of the US government either because I've seen a lot of WikiLeaks... But I just don't see the point in strictly disliking the US for trust when a lot of countries are probably the same and maybe haven't been exposed as badly yet. All countries are likely to have surveillance on people in some form and regularly request data, nothing you can do about it... The US is no better than Russia and vice versa for other countries IMO

100% agreement here.

One thing to keep in mind. Many countries don't have the resources the US and China have to expend on surveillance. But at the core, I fully agree with you here.
 

ZeroDay

Level 30
Verified
Top Poster
Well-known
Aug 17, 2013
1,905
I said 'antivirus'. Obviously there are some companies that still resist in the United States, but antivirus? I do not trust any; evidence is what is not lacking.
I often wonder if Comodo, being a US company, cooperates with the government, maybe with a back door, or government surveillance on the trusted vendors list.
 
