Symantec won't patch 'catastrophic' security flaws until mid-July

Page 2 of 2 FirstFirst 12

  1. Posts : 21
    Windows 10
       #10

    Okay, if you want to believe The Inquirer and Google rather than Symantec who says:

    "All Norton products have been updated through LiveUpdateTM. Customers of Symantec Enterprise products should check the chart below to determine which products have been updated automatically and which require product updates."

    Dated June 28, 2016.
      My Computer

  2. PaulGo's Avatar
    Posts : 148
    Windows 10, 64 bit
    Thread Starter
       #11

    Here is another article on this:

    Google finds Symantec-Norton security holes

    • 08 July 2016

    Google’s Project Zero found the flaws and stated, “These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases, on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption. As Symantec use the same core engine across their entire product line, all Symantec and Norton-branded antivirus products are affected by these vulnerabilities.”
    Norton was quick to react. Patches for its cloud-based products has started and legacy installed products will be patched shortly. Importantly, there are no known exploits at this time, but it won’t take long for cybercriminals to exploit any unpatched systems.
    iTWire - Google finds Symantec-Norton security holes

    As you can see this was dated Friday July 8 and some patches will be available shortly.
      My Computer

  3. Phone Man's Avatar
    Posts : 1,169
    Windows 10 Pro 1903 64 bit
       #12

    The original report by Google Project Zero was issued on Jun 28 and the last line states:

    Thanks to Symantec Security Team for their help resolving these bugs quickly.
    https://googleprojectzero.blogspot.c...-endpoint.html

    Norton released a fix on the June 28 with an update on June 29.

    https://www.symantec.com/security_re...id=20160628_00

    Just because all these other sites are behind the times and reporting old news.

    Jim
      My Computer


  4. Posts : 21
    Windows 10
       #13

      My Computer

  5. kado897's Avatar
    Posts : 32,837
    Windows 10 Home 64bit v1909 and insider builds
       #14

    My N360 was updated for a second time midweek.
      My Computer

  6. Phone Man's Avatar
    Posts : 1,169
    Windows 10 Pro 1903 64 bit
       #15

    Norton had a few bugs in the newly released 22.7.0.76 version and have released fixes for most of them over the last week.

    Jim
      My Computer

  7. PaulGo's Avatar
    Posts : 148
    Windows 10, 64 bit
    Thread Starter
       #16

    From the Norton website user forum:

    The Norton v22.7.0.76 update released 20-Jun-2016 includes a patch for the vulnerabilities listed in that US-CERT alert TA16-187A (link is external). From the Solutions section of that US-CERT alert: "Symantec has provided patches or hotfixes to these vulnerabilities in their SYM16-008 [9] and SYM16-010 [10] security advisories."

    See RLWA32's thread Support of NIS 21.7.0.11 Discontinued for comments from Symantec employee Tony Weiss on this topic. As noted in that thread, only the latest v22.7.x products will receive the patch.
    To the best of my knowledge, the only Symantec product line still waiting for a patch for these vulnerabilities are the workstations (desktop clients) for the cloud-managed version of Symantec Endpoint Protection - Small Business Edition (SEP/SBE) - see my comments in DynaEan's thread Norton causing BSOD.
    I agree with you that Symantec handled this entire situation poorly. Their customers deserve better.
    -----------
    Identity Safe limited compatibility with Firefox - current status | Norton Community
      My Computer


  8. sgage's Avatar
    Posts : 1,069
    Windows 10 Pro (Build 18362.418)
       #17

    Beaupeep said:
    Way to go Symantec. I now regret having used your software for nearly a decade with another 2 years to go before my NS subscription expires. Talk about a rude awakening! Time to look for something new.

    PS - Just remembered I have current subscriptions to BD Total Security & Kaspersky Internet Security. Thing is, are these safe or do they have security holes?
    I have never used anything but Windows Defender/Security Essentials and some common sense, and have not had any problems. But then, I don't do prOn sites. Oh, and I make daily backups. As far as I'm concerned, the third party anti virus stuff is just another layer of cruft and vulnerability.
      My Computer


 

Related Threads
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 20:03.
Find Us




Windows 10 Forums