A veritable bombshell was dropped yesterday on Google Project Zero when Tavis Ormandy posted that the Google team had discovered vulnerabilities in virtually all Symantec and Norton security products that are ”as bad as it gets.”
The Project Zero post is quite detailed in its description of the multiple flaws and vulnerabilities located in the products and if you are interested in the nitty gritty you should definitely check it out.
If, however, you are more interested in the big picture synopsis, here is what we know.
- Symantec Endpoint Protection and:
- Norton Security, Norton 360, and other legacy Norton products (All Platforms)
- Symantec Endpoint Protection (All Versions, All Platforms)
- Symantec Email Security (All Platforms)
- Symantec Protection Engine (All Platforms)
- Symantec Protection for SharePoint Servers
- And so on…
Are all impacted since they share the same core engine.
Image source: Tavis Ormandy, Google Project Zero
2. “These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.”
3. Symantec has publicly released its own advisory that lists 17 different affected products.
What Does This Mean To You?
Most of the updates underway from Symantec will automatically install using a pathway similar to how the products receive virus definition updates. However, to be sure that all the vulnerabilities have indeed been fixed, Network administrators should review the advisory issued by Symantec as manual updates may be required.
How Can Konsultek Help?
At Konsultek we build custom security solutions from the ground up that use a holistic combination of prevention, detection and access management to ensure that your network is secure and stays that way. Give us a call to learn more about how our custom developed approach, including managed services, is far and away superior to plug and play software and boxes.