LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   US-CERT Alert (TA16-187A) Symantec and Norton Security Products Contain Critical Vulnerabilities (https://www.linuxquestions.org/questions/linux-security-4/us-cert-alert-ta16-187a-symantec-and-norton-security-products-contain-critical-vulnerabilities-4175583930/)

tronayne 07-06-2016 02:42 PM
US-CERT Alert (TA16-187A) Symantec and Norton Security Products Contain Critical Vulnerabilities
 
Not exactly Linux/Unix relevant but possibly important for any Windows systems you may support.

Systems Affected

All Symantec and Norton branded antivirus products

Overview

Symantec and Norton branded antivirus products contain multiple vulnerabilities. Some of these products are in widespread use throughout government and industry. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system.
[List of 8 vulnerabilities]

Impact

The large number of products affected (24 products), across multiple platforms (OSX, Windows, and Linux), and the severity of these vulnerabilities (remote code execution at root or SYSTEM privilege) make this a very serious event. A remote, unauthenticated attacker may be able to run arbitrary code at root or SYSTEM privileges by taking advantage of these vulnerabilities. Some of the vulnerabilities require no user interaction and are network-aware, which could result in a wormable-event.

See the CERT Alert at https://www.us-cert.gov/ncas/alerts/TA16-187A for Solutions and References.

Hope this helps some.

sundialsvcs 07-07-2016 07:49 AM
This is a fundamental reason why I personally do not use any "anti-virus" Isic) product: anywhere, anytime.

These products, to me, are all "snake oil," based on the flawed assumption that computer systems are somehow "biological." That they can "get infected." That rogue software is "a virus." None of these things are true.

As a human being, you can "get sick" just by walking into an elevator in which someone else too-recently sneezed. Viruses can attach themselves to your DNA and therefore your body's immune system is constantly on the lookout, destroying them. "Sucks to be human," I guess ... ;) ... but a computer is not that way.

"Anti-virus" software is extremely powerful and pervasive because it has access to everything in the system, and because it modifies files. It therefore is a very-obvious vector for attack. It has frequently been demonstrated that virus-signature files can be used to install rogue software.

But, speaking of "rogue software," this is also why I run every Internet ad-blocker I can find. Internet advertisements routinely consist of both images and code, and they have been used many times to launch DDOS attacks and other mischief. If you want millions of computers all around the world to be running your software, just conceal it in an advertisement . . .


All times are GMT -5. The time now is 10:18 AM.