Symantec software was vulnerable to malicious RAR files

Posted on Wednesday, September 21 2016 @ 16:15 CEST by Thomas De Maesschalck
Anti-virus software is designed to protect you against dangers, but unfortunately this sometimes backfires because, just like all other software, security tools contain vulnerabilities that can be abused by attackers.

This is exactly what happened to Symantec, as Google security researcher Tavis Ormandy discovered it's possible to execute arbitrary code by crafting a RAR file with malicious code hidden inside its header. Ormandy writes that Symantec used an ancient version of unrarsrc that hadn't been updated for years, despite publicly documented flaws. This made it possible to crash Symantec's software due to an out-of-bounds read error (CVE-2016-5309) or memory corruption (CVE-2016-5310).

Symantec claims it's a mild vulnerability that enabled an application-level denial-of-service condition, but Ormandy does not agree with this assessment and claims these are remote code execution vulnerabilities at the highest possible privilege level. He also released proof-of-concept code.

A large number of Symantec products are affected, such as the company's flagship product, Symantec Endpoint Protection (for Mac, Linux, and Windows), Symantec Endpoint Protection Cloud (SEPC) (for Mac and Windows), Symantec Protection Engine, Symantec Web Gateway, and many of its other enterprise and server solutions.

As Softpedia reports, Symantec fixed all issues with patches, which will be distributed via the firm's LiveUpdate software.

