Symantec Flaw Takes the Secure out of Security

Symantec's antivirus tools expose Mac, Windows, and Linux to hackersSymantec's antivirus tools expose Mac, Windows, and Linux to hackers

The flaw, discovered by Tavis Ormandy, is rooted in Symantec's antivirus engine and takes advantage of the way it intercepts system input and output. Simply scanning a file or incoming email message, for example, is enough to trigger the exploit—no need to open files or messages.

For Mac and Linux users, that means an incoming email they never notice could open their computer to attack. For Windows users it's even worse because the exploit also exposes the operating system kernel.

That's pretty scary news, especially since people are relying on Symantec's products to keep their computers safe, not expose them to hackers. Assuming users are updating their software regularly, they should be safe, but we do live in a world filled with procrastinators, which means eventually someone will get stung by this exploit.

There are a couple take aways here: First, security software isn't magic and isn't should be another part of your safe computing strategy, not the only line of defense. Second, Symantec did the right thing by responding to the exploit discovery quickly and openly.

If you're a Symantec or Norton security software user and haven't updated your apps this week, hop to it before some hacker releases an exploit into the wild.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

WIN an iPhone 16 Pro!