Menu
Zero-day flaws found in Symantec's Endpoint Protection

Zero-day flaws found in Symantec's Endpoint Protection

Offensive Security said the flaws could be used to gain full system access

Symantec's Endpoint Protection product has three zero-day flaws that could allow a logged-in user to move to a higher access level on a computer, according to a penetration testing and training company.

The three flaws, all known as privilege escalation vulnerabilities, were found during a security test of a financial services company, said Mati Aharoni, lead trainer and developer for Offensive Security, in a phone interview.

Offensive Security, famous for its Kali Linux penetration testing software, released a short video on Tuesday demonstrating a successful exploit. It plans to preview proof-of-concept code during its "Advanced Windows Exploitation" training class at the Black Hat security conference in Las Vegas next month.

The flaws have been reported to computer emergency response teams. Symantec officials did not have an immediate comment.

The flaws allow greater access to a computer where a person is already logged in. From there, that access can eventually be parlayed into system access, which opens up the potential for other attacks, such as dumping hashes or identifying the cache credentials of domain administrators, Aharoni said.

Offensive Security didn't specifically target Endpoint Security during its penetration test, but realized that if it did have a flaw, it would result in a catastrophic compromise, Aharoni said. Endpoint Protection was running on "hundreds if not thousands of computers" in the financial services company, Aharoni said.

Although it's ironic that a fault in security software gave Offensive Security an opening, it's not unheard of.

"I don't think that security software is any different than anything else," Aharoni said. "The developers of security software aren't necessarily more security aware."

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags symantecsecurityOffensive SecurityExploits / vulnerabilities

Featured

Slideshows

HP channel recognised at 2017 Partner Awards

HP channel recognised at 2017 Partner Awards

The HP Partner Awards 2017 at Shed 10 kicked off with an AMD-sponsored hackers lounge, a mysterious gaming style area filled with dry ice and red lasers, the waiters wearing Mr Robot style masks.

HP channel recognised at 2017 Partner Awards
Tech industry comes together as Lexel celebrates turning 30

Tech industry comes together as Lexel celebrates turning 30

Leading figures within the technology industry across New Zealand came together to celebrate 30 years of success for Lexel Systems, at a milestone birthday occasion at St Matthews in the City.​

Tech industry comes together as Lexel celebrates turning 30
HP re-imagines education through Auckland event launch

HP re-imagines education through Auckland event launch

HP New Zealand held an inaugural Evolve Education event at Aotea Centre in Auckland, welcoming over 70 principals, teachers and education experts to explore ways of shaping and enhancing learning using technology.

HP re-imagines education through Auckland event launch
Show Comments