Severe Vulnerability Was Detected In Symantec Antivirus Products
Severe Vulnerability Was Detected In Symantec Antivirus Products CVE-2016-2208 A vulnerability related to how AVE parses executable files compressed using ASPack software. The problem affects several Symantec and Norton, including Symantec Endpoint Antivirus, Norton Antivirus, Symantec Email Security, and Symantec Scan Engine. As the Symantec Corporation said in its advisory on the issue dubbed CVE-2016-2208. “No user interaction is required to trigger the parsing of the malformed file.” A security researcher from Google Project Zero, Tavis Ormandy, said that “For Linux, OS X, and other Unix-like systems, the exploit results in a remote heap overflow as root in the Symantec or Norton process, and On Windows, this results in kernel memory corruption, as the scan engine is loaded into the kernel (wtf!...