Click to Skip Ad
Closing in...
  1. Amazon Dash Smart Shelf
    15:16 Deals

    I’m obsessed with this Amazon gadget you’ve never heard of – and it&#821…

  2. Prime Day Deals 2021
    04:05 Deals

    Amazon Prime Day deals 2021: See hundreds of the best deals right here

  3. Prime Day Nest Thermostat Deal
    16:28 Deals

    The newest Nest Thermostat rarely goes on sale, but it’s $99.98 for Prime Day

  4. Withings Prime Day Deals
    21:32 Deals

    Check out these 5 Prime Day deals on popular Withings smart gadgets

  5. MyQ Smart Garage Door Opener
    08:38 Deals

    Epic Prime Day 2021 deal: MyQ smart garage opener is on Amazon for $17




Google just shamed the antivirus software you probably use, so update immediately

June 29th, 2016 at 11:23 AM
Symantec Norton Security Updates

Whether you’re looking to protect your PC or an entire fleet of computers, chances are you’ve either considered or have ended up purchasing products from Symantec. The company sells consumer software under the Norton brand, in addition to Symantec Endpoint Protection that targets enterprises. The bad news is that both products were just shamed by Google’s Project Zero security team, which found critical errors that leave users at risk.

In fact, Google’s security hacker Tavis Ormandy discovered numerous vulnerabilities in 25 different Norton and Symantec products, and he said they are “as bad as it gets.”

MUST READ: The iPhone 7 nightmare

“These vulnerabilities are as bad as it gets,” Ormandy wrote. “They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.”

Rather than protecting users from malicious programs, the anti-virus programs could end up helping hackers by making it even easier to target these machines – essentially, a hacker could simply have to attack the software intended to protect a computer, rather than the computer itself.

“Just emailing a file to a victim or sending them a link to an exploit is enough to trigger it – the victim does not need to open the file or interact with it in any way,” Google’s researcher said.

Google’s team looks for zero-day security holes in various products and found issues in antivirus products from Trend Micro in the past. The researchers give companies 90 days plus a two-week grace period to fix issues, after which point they’re revealed to the public.

The good news is that Symantec has taken swift action and all the issues were fixed in an update that was already sent to customers by the time Ormandy published his findings. Even so, while antivirus software on some systems is updated automatically, not all computers are set up that way. Admins might have to perform the updates themselves.

It’s still disconcerting to find out that one of the top antivirus makers out there had so many bugs in software meant to protect users from malicious hackers. More details about the software issues found in Symantec and Norton products are available at the source links – and make sure you update all your Symantec products immediately.

Chris Smith started writing about gadgets as a hobby, and before he knew it he was sharing his views on tech stuff with readers around the world. Whenever he's not writing about gadgets he miserably fails to stay away from them, although he desperately tries. But that's not necessarily a bad thing.




Popular News