The world largest search engine Google, is used for asking a lot of questions, however, users don’t necessarily turn to it for security advice, but who can stop Google, as the company finds devastating security vulnerabilities in popular antivirus software.
According to a report by Google Project Zero, shows that the users of Symantec services are more at risk when using them than when they are not using them. Google’s security hacker Tavis Ormandy discovered numerous vulnerabilities in 25 different Norton and Symantec products, which are according to him is “as bad as it gets.”
“These vulnerabilities are as bad as it gets,” Ormandy wrote in a blog post. “They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.”
BGR reported that the antivirus software could help hackers by making it even easier to target these machines, rather than protecting users from malicious programs, i.e. all a hacker need a hacker could simply have to attack the software intended to protect a computer, rather than the computer itself.
“Just emailing a file to a victim or sending them a link to an exploit is enough to trigger it – the victim does not need to open the file or interact with it in any way,” said the Google hacker.
However, the good news is that Symantec has already taken action and all the issues were fixed in an update, which has been sent to customers. So update right now.
Comments
Comments are closed.