Does anyone have a technical description of how exactly this
vulnerability operates? A magazine like Fortune won't provide that
information because 99% of their readers couldn't understand it. The
nearest they come is the sentence:
"The vulnerabilities affect a “decomposer engine”—a program that
unpacks compressed files in order to help scan for potentially
malicious ones—that’s used across Symantec’s products."
This sounds like it uncompresses .gz files and extracts the contents of
.tar.gz and .zip files. But I can't imagine how that could result in
transferring execution control to code inside those files.
Mark Rosenthal
[email protected] <mailto:[email protected]>
On 6/29/16 1:26 PM, Stephen Ronan wrote:
From: Lauren Weinstein <[email protected]>
Subject: [ NNSquad ] Google Found Disastrous Symantec and Norton
Vulnerabilities That Are 'As Bad As It Gets'
Date: June 29, 2016 at 11:27:40 AM EDT
To: [email protected]
Google Found Disastrous Symantec and Norton Vulnerabilities That Are
'As Bad As It Gets'
http://fortune.com/2016/06/29/symantec-norton-vulnerability/
Google's "project zero" team, a group of security analysts
tasked with hunting for computer bugs, discovered a heap of
critical vulnerabilities in Symantec and Norton security
products. The flaws allow hackers to completely compromise
people's machines simply by sending them malicious
self-replicating code through unopened emails or un-clicked
links. The vulnerabilities affect millions of people who run
the company's endpoint security and antivirus software, rather
ironically to protect their devices. Indeed, the flaws
rendered all 17 enterprise products (Symantec brand) and eight
consumer and small business products (Norton brand) open to
attack.
- - -
--Lauren--
_______________________________________________
Discuss mailing list
[email protected]
http://lists.blu.org/mailman/listinfo/discuss
_______________________________________________
Discuss mailing list
[email protected]
http://lists.blu.org/mailman/listinfo/discuss
