PSA: Norton Enterprise
-
How to Compromise the Enterprise Endpoint
Posted by Tavis Ormandy. Symantec is a popular vendor in the enterprise security market, their flagship product is Symantec Endpoint ...
-
These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.
As Symantec use the same core engine across their entire product line, all Symantec and Norton branded antivirus products are affected by these vulnerabilities, including:
- Norton Security, Norton 360, and other legacy Norton products (All Platforms)
- Symantec Endpoint Protection (All Versions, All Platforms)
- Symantec Email Security (All Platforms)
- Symantec Protection Engine (All Platforms)
- Symantec Protection for SharePoint Servers
- And so on.
"PSA: Norton Enterprise" is a bit too narrow, really. Seems like it should be "PSA: Everything Norton and Symantec is insecure. Yes, even that."
Now to go clean up my grandmother's new laptop. It seems to have an infection.
-
Oh joy, one more thing I can bring up that my client company uses that they'll ignore security issues with.
-
If it says Norton, Symantec or McAfee...it is safe to assume that it is total shit and overpriced.
Monorail -
project-zero -
Project Zero -
Monorail
