Endpoint protection product of Symantec has a zero-day flaw
The endpoint protection product of Symantec has a zero-day flaw in the software driver and it is quite tricky to fix. The security company wrote that the flaw is in the driver of Application and Device Control which is in 11. x and 12. x versions of Endpoint Protection.
On Tuesday, a short video was released by Offensive Security, which is famous for the Kali Linux penetration testing software that demonstrated a successful exploit. It previews proof-of-concept code during its training class called "Advanced Windows Exploitation" at the Black Hat security conference which will be held in Las Vegas next month.
The flaws have been reported to the response teams of computer emergency. Symantec also said that it is aware of the flaws that have been reported and is investigating.
The flaws aid in a greater access to a computer to which a person is already logged in. That access can then be put into system access that opens the potential for other attacks like dumping hashes or identifying the cache credentials of domain administrators.
It is ironic that an opening to Offensive Security was given by the fault in security software, but it is definitely not unheard of.
All the vulnerabilities are privilege escalation vulnerabilities which allow a user with restricted access in order to gain greater access on a computer that could be put into access of a broader network.
Symantec said that no known compromises have till now been reported and utmost care and urgency are being followed to handle the medium severity flaw.
It is not easy to upgrade software drivers. It was not even exactly clear if the users will have to reinstall the Endpoint Protection along with an upgraded driver or if Symantec will be able to issue a patch.
The overall ‘asthma epidemic’ among children has...Read More
People in huge numbers gathered in the Mount Lofty...Read More
As New Year is approaching, people have already...Read More
Alzheimer’s disease, the commonest cause of...Read More
Cases of opioid abuse have been increasing and...Read More
In an announcement made on December 22, cable giant...Read More