Last night, a critically severe security bug that affects most Norton antivirus products was made public. This bug affects all platforms (Windows servers and end-user workstations, Mac and Linux), and it requires no user interaction.
Symantec automatically scans incoming files, and therein lies the problem. If a virus is crafted in a certain way, scanning it can cause things to go haywire, again without any user interaction. On Windows, the bug can crash the entire system into what’s commonly known as a BSOD (Blue Screen of Death). On Linux, it can allow an attacker to gain root access. This is very, very bad.
The bug was discovered by Tavis Ormandy, a Security Engineer at Google’s Project Zero, and additional details were posted on https://bugs.chromium.org/p/project-zero/issues/detail?id=820.
Remediation. Symantec has released updates for their software that fix this bug. Some products will be updated automatically, but many products must be updated manually. If you use Symantec’s software (Norton antivirus, for example), we urge you to check for software updates immediately.
As a general rule of thumb, you should always keep your software up to date. One of our first blog posts back in 2013 discusses just three software platforms and why they need to be kept updated.