18th March 2016

Symantec’s enterprise anti-malware package has several security flaws in it.

This shows that even computers “protected” with anti-malware can still be hacked to an extent. SEP is commonly used in large institutions such as Lancaster Univeristy and often has kernel privileges. What I find worrying about this is that an attacker can potentially weaponise these vulnerabilities and exploit them getting access to an enterprise network without the sys admins knowing. Furthermore with the XSS vulnerbility in the management console, the sys admins themselves could be compromised!