Symantec won't patch 'catastrophic' security flaws until mid-July

Page 2 of 2 FirstFirst 12
  1.    09 Jul 2016 #10

    Okay, if you want to believe The Inquirer and Google rather than Symantec who says:

    "All Norton products have been updated through LiveUpdateTM. Customers of Symantec Enterprise products should check the chart below to determine which products have been updated automatically and which require product updates."

    Dated June 28, 2016.
      My ComputerSystem Spec

  2.    09 Jul 2016 #11

    Here is another article on this:

    Google finds Symantec-Norton security holes

    • 08 July 2016

    Google’s Project Zero found the flaws and stated, “These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases, on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption. As Symantec use the same core engine across their entire product line, all Symantec and Norton-branded antivirus products are affected by these vulnerabilities.”
    Norton was quick to react. Patches for its cloud-based products has started and legacy installed products will be patched shortly. Importantly, there are no known exploits at this time, but it won’t take long for cybercriminals to exploit any unpatched systems.
    iTWire - Google finds Symantec-Norton security holes

    As you can see this was dated Friday July 8 and some patches will be available shortly.
      My ComputerSystem Spec

  3. Phone Man's Avatar
    Posts : 904
    Windows 10 Pro 1803 64 bit
       10 Jul 2016 #12

    The original report by Google Project Zero was issued on Jun 28 and the last line states:

    Thanks to Symantec Security Team for their help resolving these bugs quickly.

    Norton released a fix on the June 28 with an update on June 29.

    Just because all these other sites are behind the times and reporting old news.

      My ComputerSystem Spec

  4.    10 Jul 2016 #13

      My ComputerSystem Spec

  5. kado897's Avatar
    Posts : 22,599
    Windows 10 Home 64bit
       10 Jul 2016 #14

    My N360 was updated for a second time midweek.
      My ComputerSystem Spec

  6. Phone Man's Avatar
    Posts : 904
    Windows 10 Pro 1803 64 bit
       10 Jul 2016 #15

    Norton had a few bugs in the newly released version and have released fixes for most of them over the last week.

      My ComputerSystem Spec

  7.    11 Jul 2016 #16

    From the Norton website user forum:

    The Norton v22.7.0.76 update released 20-Jun-2016 includes a patch for the vulnerabilities listed in that US-CERT alert TA16-187A (link is external). From the Solutions section of that US-CERT alert: "Symantec has provided patches or hotfixes to these vulnerabilities in their SYM16-008 [9] and SYM16-010 [10] security advisories."

    See RLWA32's thread Support of NIS Discontinued for comments from Symantec employee Tony Weiss on this topic. As noted in that thread, only the latest v22.7.x products will receive the patch.
    To the best of my knowledge, the only Symantec product line still waiting for a patch for these vulnerabilities are the workstations (desktop clients) for the cloud-managed version of Symantec Endpoint Protection - Small Business Edition (SEP/SBE) - see my comments in DynaEan's thread Norton causing BSOD.
    I agree with you that Symantec handled this entire situation poorly. Their customers deserve better.
    Identity Safe limited compatibility with Firefox - current status | Norton Community
      My ComputerSystem Spec

  8. sgage's Avatar
    Posts : 830
    Windows 10 Home (Build 17134.320)
       11 Jul 2016 #17

    Beaupeep said: View Post
    Way to go Symantec. I now regret having used your software for nearly a decade with another 2 years to go before my NS subscription expires. Talk about a rude awakening! Time to look for something new.

    PS - Just remembered I have current subscriptions to BD Total Security & Kaspersky Internet Security. Thing is, are these safe or do they have security holes?
    I have never used anything but Windows Defender/Security Essentials and some common sense, and have not had any problems. But then, I don't do prOn sites. Oh, and I make daily backups. As far as I'm concerned, the third party anti virus stuff is just another layer of cruft and vulnerability.
      My ComputerSystem Spec

Page 2 of 2 FirstFirst 12

Related Threads
Read more: Microsoft to change location of some security updates as of May Patch Tuesday | ZDNet
Adobe updates Flash Player to resolve 79 security flaws Adobe has pushed out an updated version of Flash Player that resolves a total of 79 security flaws in its last security update of the year. The release addresses critical...
Dell, Toshiba, and Lenovo PCs at risk of bloatware security flaws in AntiVirus, Firewalls and System Security
Dell, Toshiba, and Lenovo PCs at risk of bloatware security flaws | ZDNet
Read more:
Read more:
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 04:32.
Find Us