Symantec Zero Day Flaw
-
Symantec’s Endpoint Protection product has three zero-day flaws that could allow a logged-in user to move to a higher access level on a computer, according to a penetration testing and training company.
The three flaws, all known as privilege escalation vulnerabilities, were found during a security test of a financial services company, said Mati Aharoni, lead trainer and developer for Offensive Security, in a phone interview late Tuesday.
-
@thecreativeone91 said:
Symantec’s Endpoint Protection product has three zero-day flaws that could allow a logged-in user to move to a higher access level on a computer, according to a penetration testing and training company.
The three flaws, all known as privilege escalation vulnerabilities, were found during a security test of a financial services company, said Mati Aharoni, lead trainer and developer for Offensive Security, in a phone interview late Tuesday.
I saw Symantec and knew it would be bad news. Always is.
-
Ouch, that's really bad. For a security product to have that kind of vulnerability. Of course, security products are more likely to be attack targets because they have to have higher privileges than most products.
-
I'm reaching out to some folks internally to see what info I can supply
-
Symantec Endpoint was in place when I took over as solo IT guy 3 1/2 years and while I've always found Symantec bloated, it has worked well and have just kept it over the years. That said, I had a rash of weird issues with it last week...a lot of calls on people getting alerts for weird html files.
-
This post is deleted! -
@PackMatt73 said:
I'm reaching out to some folks internally to see what info I can supply
Thanks for popping in. Great to see active vendors.
-
-
@ajstringham said:
@thecreativeone91 said:
Symantec’s Endpoint Protection product has three zero-day flaws that could allow a logged-in user to move to a higher access level on a computer, according to a penetration testing and training company.
The three flaws, all known as privilege escalation vulnerabilities, were found during a security test of a financial services company, said Mati Aharoni, lead trainer and developer for Offensive Security, in a phone interview late Tuesday.
I saw Symantec and knew it would be bad news. Always is.
I have yet to find a useful Symantec product
-
I've used Netbackup for years. It is awesome. Used it almost continuously since 2004 at three different companies.
I've even built Netbackup RPM packages.
-
Who let Matt in here?
buhahahaha
-
@Texkonc said:
Who let Matt in here?
buhahahaha
Just saw @scottalanmiller 's comment. Yeah, ditto that Tex.