Symantec scrambles to patch severe holes in 26 products

iTnews (AUS) ^ | Jun 29 2016 12:09PM | Juha Saarinen

[Utilizer]

Symantec enterprise and Norton security product users are being urged to patch their applications immediately after multiple dangerous vulnerabilities were discovered.

The security firm has advised that 17 enterprise security products and nine Norton consumer offerings are affected.

Google Project Zero researcher Tavis Ormandy discovered the flaws. The most serious is that the products unpack compressed executables in the operating system kernel to analyse them for malicious code.

He said this dangerous practice means the vulnerability can be exploited by simply sending a link or an email - users don't need to do anything to activate an attack.

[Utilizer]

Sorry, you lot. Don't know how I missed this one but a customer asked and I looked it up -and she was right to be concerned it would appear!

[Gaffer]

I gave up on Sysmantec and McAfee years ago. Both trashed my computer with endless delays and disappointments. I use Microsoft Essentials now and have not problems.

Those two big Virus protection programs are just junk in my opinion.

[Ray76]

Symantec sux... for years.

[Utilizer]

Ping!

Thought this might be of interest to your PingList, mate. :O)

Cheers!

[SpaceBar]

Good thing they don’t make boats.

[TChad]

Here's the Symantec response:

https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00

Anyone having a Symantec AV product should run Live Update, wait for the updates to install, reboot if requested, then repeat that process until all updates are installed and no reboot is requested. Then run a full scan.

[EinNYC]

Symantec is junk I discarded years ago. So is McAfee. I like Kaspersky. That is one tough internet security software. Been using it for years.

[lysie]

.

[Flick Lives]

The most serious is that the products unpack compressed executables in the operating system kernel to analyse them for malicious code.

The ultimate computer virus; one that is triggered by the anti-virus scanning software.

[johncatl]

Kaspersky, Eset NOD32 and Bitdefender are my choices.

add malwarebytes free or paid for an additional level of security

Amazon has great prices on AV software.

[Scrambler Bob]

M4L. Security

[Cobra64]

Symantec software IS a virus. You have to download their uninstall software to uninstall their software. Otherwise there are dozens of files embedded all over the place. Symantec is cancer-ware.

[Cobra64]

Yup. I hate it.

[Cobra64]

If I couldn’t uninstall that crap on a new machine, I’d give my sabotaged machine to a democrat.

[Cobra64]

Kaspersky is excellent.

[Gaffer]

When I had it on my computer, I got the distinct sense that program was sifting through every damned file on my computer and anything coming in or going out looking for information that it could give to the CIA, FBI or the NSA.

Hell, that company probably IS NSA, IMO.

[SgtHooper]

Bingo! They’ve gone the way of the dinosaurs. I cannot believe Symantec even pushes this crap. McAfee isn’t far behind in the progression to nothing.

[dayglored]

Symantec: 26 Products Have "Severe Holes" ... PING!

You can find all the Windows Ping list threads with FR search: just search on keyword "windowspinglist".

Thanks to Utilizer for the ping!!

[hsmomx3]

That’s a lot of patches!

I use MSFT Security Essentials along with Malwarebutes

[GOPJ]

I run live update every few days and noticed some large downloads... two days running. That must have been the corrections.