grandeduc - Fotolia

News Stay informed about the latest enterprise technology news and product updates.

Risk & Repeat: More critical Symantec vulnerabilities emerge

Listen to this podcast

In this Risk & Repeat podcast, SearchSecurity editors discuss a new Google Project Zero report on yet another round of critical Symantec vulnerabilities.

A second bug report from Google Project Zero has revealed more critical Symantec vulnerabilities and raised questions about the world's largest software security company.

Symantec was first hit with bad news in May when Project Zero researcher Tavis Ormandy reported a series of critical Symantec vulnerabilities, the most serious of which was a flaw in the company's antivirus scanning engine. Ormandy explained the scanning engine is loaded into the kernel on Windows systems, which would enable attackers to execute remote memory corruption by simply sending an email to a potential victim. "[T]his is about as bad as it can possibly get," he wrote at the time.

But Ormandy used similar words -- "These vulnerabilities are as bad as it gets" -- last week to describe the latest round of critical flaws within the Symantec core software engine, which this time around affects the company's entire consumer-to-enterprise product line. Ormandy revealed that Symantec is using unpatched, outdated open source software within its core engine, leading to remote code execution and memory corruption vulnerabilities. "They don't require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible," Ormandy wrote in the newest bug report. "In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption."

While Symantec worked with Project Zero to address the newest flaws and released patches for its software, some of the enterprise's products cannot be automatically updated and require administrators to perform the update.

In this episode of SearchSecurity's Risk & Repeat podcast, site editors Rob Wright and Peter Loshin examine the newest batch of Symantec vulnerabilities, what the vulnerabilities mean for the company and its reputation and what may be next for Symantec.

Next Steps

Risk & Repeat: Acer breach highlights payment security shortcomings

Risk & Repeat: Ransomware worms raises concerns for enterprises

Risk & Repeat: Cyberextortion and bug poaching plaguing enterprises

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

How will the latest discovery of critical vulnerabilities affect Symantec?
We use to use their security for our company but we have switched to another vendors. The little issue we kept having with Symantec was the driving force for the change. Maybe they can turn thing around.
However it might affect Symantec will be of little concern to us. We've extracted the software (with undue difficulty) from every machine here and advised our clients to do the same. It's unlikely any of us would want to see it return.
Very concerned! As a long time user who relies on the product this is disconcerting. And having recommended Symantec to my clients, many of whom questioned if Symantec would slow down their systems, this is a bit of pie in the face!