When it comes to virus prevention products, companies like Symantec always appear as among the most popular in the field. This is a double-edged sword, for while it is encouraging that many consumers care about security, one vulnerability can compromise thousands of users. Such is the case with a recent report from the United States Computer Readiness Team. In this report US-CERT states that, “the large number of products affected… across multiple platforms… and the severity of these vulnerabilities… make this a very serious event.” Released on July 5, the report gives a detailed breakdown of every known vulnerability and their potential exploits.
Affecting over 20 products (on Linux, Windows, and Mac operating systems), the security flaws are numerous. The main issue with the security bugs is an attacker having the ability to gain root access to your computer. This comes from the ability to exploit the Symantec or Norton branded software to execute malicious code during a scan. Additionally, root can be gained via vulnerabilities that do not require any interaction from the victim, making it impossible for someone to know they are being attacked.
It is important to note that Symantec has released patches SYM16-008 and SYM16-010 to deal with these threats. It is urgent that every organization and individual patch their Symantec products immediately. Many ignore patch updates because they do not wish to be inconvenienced, but it simply is opening the floodgates for black hats. These vulnerabilities currently affect businesses, civilians, and federal government organizations. If security researchers know about this, malicious hackers most certainly do. Stealing sensitive information is quite simple without the patch, as you are giving total administrative access to a cyber criminal. Some of the most significant hacks in history were a result of unpatched vulnerabilities.These new vulnerabilities are another possible gateway to catastrophe.
Take action and update your Symantec and Norton software now; don’t wait to be hacked.