Tavis Ormandy is probably Google's most famous security researcher, as he has occasionally discovered vulnerabilities in very famous products and services. This time, the researcher discovered and helped Symantec identify a serious security issue that affected Antivirus Engine, the core of many company security products.
Ormandy explains that in some cases, when a certain type of data reaches the Symantec Antivirus Engine (SAE), the product handles these files in an unsafe way leading to a buffer overflow.
"When parsing executables are packaged from an early version of aspack, a buffer overflow may occur in the Symantec Antivirus core engine that useson most branded products from Symantec and Norton”, says Ormandy.
So the vulnerability CVE-2016-2208 επηρεάζει σχεδόν όλα τα προϊόντα της Symantec, όπως το Symantec Endpoint Antivirus, το Norton Antivirus, το Symantec Scan Engine, και το Symantec Email Security.
Ormandy argues that, in theory at least, the error should affect any other product Symantec has developed with SAE.
The researcher uncovered the problem with the security company, and she released a patch that all customers need to download and install.