Following Google Project Zero’s Tavis Ormandy’s How to Compromise the Enterprise Endpoint post last Tuesday, Symantec have advised everyone using their products to update them immediately.
There is a US-CERT alert here, and Symantec’s own advisory here.
What does this actually mean?
Several of the issues resolved in the updates have a potential consequence of remote code execution. Some even look worm’able.
Even sending code by email to a recipient in an organisation where Symantec products scan attachments may result in a back door.
To give you an idea of the severity of the issues this is what one commentator on Hacker News had to say:
As @johnwineman so eloquently put it:
