Symantec and Norton antivirus software used widely throughout government contain multiple critical vulnerabilities that could allow an attacker remote root access to agency systems, according to the Department of Homeland Security’s U.S. Computer Emergency Readiness Team.
“Some of these products are in widespread use throughout government and industry. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system,” U.S.-CERT announced Tuesday.
Symantec has released patches for 24 cross-platform products affected by the vulnerabilities, which it says have prompted “a very serious event” because some “can be triggered remotely using a malicious file (via email or link) with no user interaction.”
“A remote, unauthenticated attacker may be able to run arbitrary code at root or SYSTEM privileges by taking advantage of these vulnerabilities,” the alert explains. “Some of the vulnerabilities require no user interaction and are network-aware, which could result in a wormable-event.”
U.S.-CERT urges users to patch their Symantec or Norton antivirus products immediately, though there’s no evidence that the vulnerabilities have been exploited.
However, “the ease of attack, widespread nature of the products, and severity of the exploit may make this vulnerability a popular target,” the alert stated.