Kritische Sicherheitslücken in Symantec und Norton Antivirusprodukten
Posted 06/29/2016 at 10:29 by MrDami123
Tags antivirus, cve, norton, sicherheitslücke, symantec
Ist natürlich unschön zu erfahren, wenn gängige Sicherheitsprodukte von kostenlosen Endnutzer Antiviruslösungen bis Enterpriseangeboten komplett und teilweise jahrelang korrumpiert hätten werden können. Bis zu 'wormable remote code execution flaws' reicht der neue Bericht vom Projekt Zero Google Team.
Quelle:
Quote:
Symantec is a popular vendor in the enterprise security market, their flagship product is Symantec Endpoint Protection. They sell various products using the same core engine in several markets, including a consumer version under the Norton brand.
Today we’re publishing details of multiple critical vulnerabilities that we discovered, including many wormable remote code execution flaws.
These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.
Today we’re publishing details of multiple critical vulnerabilities that we discovered, including many wormable remote code execution flaws.
These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.
Quelle:
Total Comments 0