Home News Security flaw found on Symantec antiviruses that exposes Linux, Mac and Windows

Security flaw found on Symantec antiviruses that exposes Linux, Mac and Windows

by Sia
675 views

If you’re running antivirus software from Symantec, you might want to update those softwares ASAP as someone has found a major vulnerability that is able to compromise Linux, Mac and Windows.

First discovered by Google’s Tavis Ormandy, this flaw works when you use an early version of the Aspack compression tool to squeeze executables. By doing so, you’ll be able to trigger a remote heap overflow in the Symantec process, allowing the attack to gain root access on Mac, Linux and Unix. For Windows, the same actions would result in a remote ring0 memory corruption vulnerability.

The best (or worse) part of this vulnerability is how ridiculously easy it is to trigger it. As Symantec is intercepting system input and output, all you really need to do is to email a file or send a web link, which would trigger said vulnerability. The victim doesn’t even need to click on the email or said web link to be exposed.

Symantec has since issued a patch to all of its antivirus suites via LiveUpdate, so you should prioritize that patch ASAP. 

Source: Chromium, Engadget

You may also like