Symantec patches AV hole
Symantec has issued a fix for a vulnerability that could cause its security tools to crash or be potentially hijacked by malware. If the software scans a booby-trapped RAR archive, it can wind up attempting to execute code smuggled within, we're told.
The decomposer engine used for antivirus protection in 18 different Symantec enterprise and personal security products contains a pair of flaws that can be exploited to pull off denial-of-service attacks or possibly remote code execution.
Both vulnerabilities were discovered and reported by Tavis Ormandy of Google's Project Zero.
More Symantec and Norton remote code execution vulnerabilities fixed today, full advisory is here. https://t.co/BLnaUQuI9l— Tavis Ormandy (@taviso) September 20, 2016
Users and administrators are advised to test (if needed) and install the patches as soon as possible. ®