Symantec warns of serious security holes – in Symantec security kit
Symantec is advising users of its Endpoint Protection (SEP) software to update their systems, after three vulnerabilities were reported in the computer defense tools.
Two of the bugs – a cross-site scripting (XSS) flaw, and a SQL injection vulnerability – are in the SEP Management Console, a web-based portal you can log into over a network or locally on the SEP management server. Both of the programming blunders can be exploited by a user logged into the console to gain higher privileges within the system.
The other bug, in SEP's SysPlant.sys driver, can be exploited to bypass SEP's security controls, which are supposed to stop users from running dodgy or untrusted code on their work PCs. With the driver sidestepped, malicious code can take a shot at attacking a machine.