The federal government is warning the public about newfound issues with long-established anti-virus brands.
All anti-virus products under the Symantec and Norton brands “contain multiple vulnerabilities,” according to the alert issued this week by the U.S. Computer Emergency Readiness Team, a division of the U.S. Department of Homeland Security.
The alert continues:
Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system. …
The large number of products affected (24 products), across multiple platforms (OSX, Windows, and Linux), and the severity of these vulnerabilities … make this a very serious event.
These vulnerabilities were first detailed in a blog post from Project Zero, Google’s team of security analysts who seek out software vulnerabilities that could be exploited by hackers.
Symantec Corp. has since patched all reported problems and issued software updates for them, the company reports on its FAQ page devoted to the matter. Symantec also notes that it is not aware of the vulnerabilities having been exploited.
Symantec owns both the Symantec product line, primarily for businesses, and Norton product line, for consumers.
According to the company’s own latest advisory about the vulnerable products, all affected Norton products have been updated through the software’s LiveUpdate feature, which either runs automatically at regular intervals or can be run interactively by users.
If you have a Norton program and want to run LiveUpdate to ensure the program is updated, Symantec provided these instructions:
Access LiveUpdate in the product. Run LiveUpdate until all available updates are downloaded and installed.
The Help -> About Box in the product [user interface] will show the version 22.7.0.x if the update has been successfully applied.
For more information, visit the Symantec’s “How to run LiveUpdate in your Norton product” support page.
What’s your take on this news? Share your reaction below or on Facebook.