This came in from Us-CERT
(US-CERT = United States Computer Emergency Readiness Team)
If you have not already, please check to be sure that your products are up to date!
National Cyber Awareness System:
TA16-187A: Symantec and Norton Security Products Contain Critical Vulnerabilities 07/05/2016 10:50 AM EDT
Original release date: July 05, 2016 Systems AffectedAll Symantec and Norton branded antivirus products OverviewSymantec and Norton branded antivirus products contain multiple vulnerabilities. Some of these products are in widespread use throughout government and industry. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system. DescriptionThe vulnerabilities are listed below: CVE-2016-2207 · Symantec Antivirus multiple remote memory corruption unpacking RAR [1] CVE-2016-2208
CVE-2016-2209
CVE-2016-2210
CVE-2016-2211
CVE-2016-3644
CVE-2016-3645
CVE-2016 -3646
ImpactThe large number of products affected (24 products), across multiple platforms (OSX, Windows, and Linux), and the severity of these vulnerabilities (remote code execution at root or SYSTEM privilege) make this a very serious event. A remote, unauthenticated attacker may be able to run arbitrary code at root or SYSTEM privileges by taking advantage of these vulnerabilities. Some of the vulnerabilities require no user interaction and are network-aware, which could result in a wormable-event. SolutionSymantec has provided patches or hotfixes to these vulnerabilities in their SYM16-008 [9] and SYM16-010 [10] security advisories. US-CERT encourages users and network administrators to patch Symantec or Norton antivirus products immediately. While there has been no evidence of exploitation, the ease of attack, widespread nature of the products, and severity of the exploit may make this vulnerability a popular target. References
Revision History
This product is provided subject to this Notification and this Privacy & Use policy.
|