What is it?
A major hole has been discovered in the core Symantec antivirus engine by a security expert in Google’s Project Zero team. The engine, used across Symantec’s main security products including Norton Antivirus – one of the most widely used AV products – is vulnerable to a crafted and malformed ‘portable-executable’ (PE – .acm, .ax, .cpl, .dll, .drv, .efi,.exe, .mui, .ocx, .scr, .sys, or .tsp) header file.
What does it do?
Email attachments or malicious websites could exploit this hole to cause a catastrophic crash, the dreaded Blue Screen of Death.
How do I protect myself?
Symantec has been quick to respond to this vulnerability and the software is already being patched via LiveUpdate, the application that downloads and installs security updates and software patches, so if you’ve recently had an update run on your machines, odds are the fix is already there. To be absolutely certain you’re covered though, you can manually run LiveUpdate to download the patched engine, by navigating to LiveUpdate in your antivirus programme’s interface and running it until all the available updates have been installed.
Even more importantly though, as this nasty little glitch can attack your machines via an email attachment be sure to have a read of our previous post about protecting yourself from malicious email viruses.
If you would like to have a chat about cyber security, drop us a line at firstname.lastname@example.org.