Symantec, Norton AV products are riddled with serious flaws

Status
Not open for further replies.
frogboy

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
Google security researcher Tavis Ormandy has unearthed a slew of critical vulnerabilities, including many remote code execution flaws, in Symantec and Norton enterprise and consumer AV products.
symantec.jpg

The flaws affect the core engine deployed in the products and are, according to Ormandy, “as bad as it gets.”

“They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption,” he noted.

The latter is possible because Symantec runs executable file unpackers directly in the kernel.

One of the vulnerabilities (CVE-2016-2208), a trivial buffer overflow, can lead to kernel memory corruption on Windows machines, and can be triggered by the victim simply receiving (and not opening) a specially crafted file or link via email.

Full Article. Symantec, Norton AV products are riddled with serious flaws - Help Net Security
 
  • Like
Reactions: Jrs30, Golden King, AlphaBeta and 6 others
spaceoctopus

spaceoctopus

Level 16
Verified
Top Poster
Content Creator
Well-known
Jul 13, 2014
766
When you download antivirus software, you expect it to protect your computer, not threaten it. And yet for all the good that Symantec/Norton's security programs do, it turns out they may be able to do even more harm.
An amazingly disastrous flaw could let cybercriminals attack a Windows machine at the deepest level, regardless of whether you have the home (Norton) or enterprise (Symantec) version of the company's programs — as do tens of millions of computers worldwide. Worse still: Not every system will get the fix automatically...
Click to expand...
Symantec/Norton Antivirus Flaw Threatens Millions of PCs
 
Last edited by a moderator:
  • Like
Reactions: frogboy, Rishi, tonibalas and 1 other person
XhenEd

XhenEd

Level 28
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 1, 2014
1,708
Symantec/Norton users only? It's a small percentage. It's not just millions of PCs. We're talking about hundreds of millions of PCs. Other AVs/AMs are as much vulnerable as Symantec's security products. Heck, every software, security related or not, is vulnerable to attacks!
 
  • Like
Reactions: frogboy, Jrs30, Nightwalker and 7 others
I

Ink

Administrator
Verified
Jan 8, 2011
22,490
darko999 said:
Never liked norton at all, not liked in the past nor in the present.
Click to expand...
Ever since they started listening to customer feedback and optimising their code, Norton has been quite a good security product to use.

This past year we have seen many security vendors have flaws in their software.
 
  • Like
Reactions: frogboy, XhenEd and Alkajak
A

Alkajak

Huracan said:
This past year we have seen many security vendors have flaws in their software.
Click to expand...

/thread

We've seen a massive rise in ransomware, exploits, etc. There is no perfect vendor right now, they all have their flaws. From time to time, those flaws are discovered and reported publicly. Other times, those are flaws are undiscovered and remain unreported.
 
  • Like
Reactions: frogboy and XhenEd
H

hjlbx

The whole point of Google Project Zero is to find vulnerabilities that security soft vendors miss in their own products - either by neglect, oversight (poor review), poor design, etc.

Symantec\Norton is no different than COMODO is no different than Kasperskey is no different than Bromium is no different than...
 
Last edited by a moderator:
  • Like
Reactions: frogboy and XhenEd
spaceoctopus

spaceoctopus

Level 16
Verified
Top Poster
Content Creator
Well-known
Jul 13, 2014
766
Norton is a good and decent product. Anyway every security suite or antivirus has bugs and vulnerabilities. Last year i remember Avast, Avg ,Bitdefender had flaws and vulnerabilities in their product.

ESET had a serious one which was discovered by Project zero too:
Project Zero: Analysis and Exploitation of an ESET Vulnerability

Critical flaw in ESET products shows why spy groups are interested in antivirus programs

Best way to keep all this under control is to get informed and make sure that your product is up to date.
 
  • Like
Reactions: frogboy
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Honestly it is a blessing in disguise where Norton could improve more on self-protection of their AV against manipulation.

Lucky for those researcher that can manage to find holes on some major products cause it is a prime advantage for them to fix it.
 
  • Like
Reactions: frogboy
Status
Not open for further replies.

Similar threads

Trident
    • Like
    • +Reputation
    • Applause
New Update The New Norton for Mac: First Look Exclusively for MalwareTips
Replies
44
Views
3,643
Norton
bjm_
bjm_
enaph
    • Hundred Points
    • +Reputation
Security News Zero-Day Flaws in Mazda’s Infotainment Expose Cars to Takeover Attacks
Replies
0
Views
290
Security News
enaph
enaph
Gandalf_The_Grey
    • +Reputation
    • Like
ASUS routers vulnerable to critical remote code execution flaws (patched)
Replies
1
Views
1,422
News Archive
codswollip
codswollip

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top