Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month, online, via Jitsi Meet.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] [OT] Google Found Disastrous Symantec and Norton Vulnerabilities That Are 'As Bad As It Gets'



Does anyone have a technical description of how exactly this 
vulnerability operates? A magazine like Fortune won't provide that 
information because 99% of their readers couldn't understand it.  The 
nearest they come is the sentence:

    "The vulnerabilities affect a ?decomposer engine??a program that
    unpacks compressed files in order to help scan for potentially
    malicious ones?that?s used across Symantec?s products."

This sounds like it uncompresses .gz files and extracts the contents of 
.tar.gz and .zip files.  But I can't imagine how that could result in 
transferring execution control to code inside those files.

    Mark Rosenthal
    mbr at arlsoft.com <mailto:mbr at arlsoft.com>



On 6/29/16 1:26 PM, Stephen Ronan wrote:
>
> From: Lauren Weinstein <lauren at vortex.com>
> Subject: [ NNSquad ] Google Found Disastrous Symantec and Norton 
> Vulnerabilities That Are 'As Bad As It Gets'
> Date: June 29, 2016 at 11:27:40 AM EDT
> To: nnsquad at nnsquad.org
>
>
> Google Found Disastrous Symantec and Norton Vulnerabilities That Are 
> 'As Bad As It Gets'
>
> http://fortune.com/2016/06/29/symantec-norton-vulnerability/
>
>      Google's "project zero" team, a group of security analysts
>     tasked with hunting for computer bugs, discovered a heap of
>     critical vulnerabilities in Symantec and Norton security
>     products.  The flaws allow hackers to completely compromise
>     people's machines simply by sending them malicious
>     self-replicating code through unopened emails or un-clicked
>     links.  The vulnerabilities affect millions of people who run
>     the company's endpoint security and antivirus software, rather
>     ironically to protect their devices.  Indeed, the flaws
>     rendered all 17 enterprise products (Symantec brand) and eight
>     consumer and small business products (Norton brand) open to
>     attack.
>
> - - -
>
> --Lauren--
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://lists.blu.org/mailman/listinfo/discuss
>




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org