Symantec 0 replies

Please wait...

Nemmerle Forum Mod

Voice of joy and sunshine

298,365 XP

26th May 2003

0 Uploads

28,147 Posts

5 Threads

#1 2 years ago

Hehehe... ah. Amusing bit of news some of you might enjoy:  

This vulnerability has an unusual characteristic: Symantec runs their unpackers in the Kernel!

It gets worse:  

Because Symantec uses a filter driver to intercept all system I/O, just emailing a file to a victim or sending them a link to an exploit is enough to trigger it - the victim does not need to open the file or interact with it in anyway.


On Windows, this results in remote code execution as SYSTEM, and root on all other platforms.

Derp :p