Are you using Symantec or Norton Antivirus? Then your PC, Tab or another device may be vulnerable to hacking. Yes, you heard it right. According to Google’s Project Zero report, there are many flaws in these Anti-virus softwares which might help hackers to steal your data.
The United States Department of Homeland Security has issued an alert warning “Symantec and Norton-branded antivirus products contain multiple vulnerabilities. Some of these commodities are in widespread use throughout government and industry. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system. Update now.”
According to Google’s report, they have found holes in Norton Security, Norton 360 and legacy products, Symantec Protection Engine, Symantec Endpoint Protection, Symantec email security, and Symantec SharePoint server protection and may be more.
Tavis Ormandy of Project Zero stated in a blog post that “These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In particular cases, on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.”
He added, “As Symantec use the same core engine across their entire product line, all Symantec and Norton-branded antivirus products are affected by these vulnerabilities.”
Responding to the warnings by the tech giant, Symantec said that they need time to rectify those flaws and all the vulnerabilities can’t be fixed until the second half of July.
The company had started the release of patches to cover some of the flaws identified “as bad as it gets” by Project Zero, but patches to secure the fundamental architectural flaws are still some weeks away.
But as far as now Symantec user’s data was liable to suffer from hacking. So, update or patch your anti-virus as early as possible to avoid stealing your information.
Cyber security researchers are recommending sandboxing and a security development lifecycle, to which companies are opposing. Because of this loophole unpackers and emulators continue to be a huge source of vulnerabilities.
Ormandy also said that “Antivirus vendors solve this problem with two solutions. First, they write dedicated unpackers to reverse the operation of the most common packers, and then use emulation to handle less common and custom packers.”