On Tuesday, July 5, the U.S. Department of Homeland Security issued a warning to the public, stating that the popular security tools by Symantec have many critical flaws that could let hackers into computers.
The law enforcement agency posted the alert on its official website. According to the warning, all Norton and Symantec branded antivirus products have security flaws that could allow hackers "to take control" of a computer. CNN Money reports that this is actually a widespread problem and Symantec is no exception.
According to industry trackers at OPSWAT, Symantec is the fifth most popular anti-malware software. Symantec antivirus programs run on millions of computers worldwide. For government offices and companies everywhere in the world, Symantec programs are the front line of defense.
The security flaws in Symantec's products are particularly embarrassing for a tech giant. Symantec apps are given intimate access to the inside of people's computers in order to protect its customers and the flaws exploit that very trust.
According to the federal warning, that trust actually makes it easier for a virus to spread through a network of computers. Any computer that simply receives an email with a link to an infected website or containing an infected file it would be at risk. Most of the cybersecurity programs would not allow that happen.
Security researcher on Google's elite "Project Zero" security team, Tavis Ormandy, is the one who actually discovered the flaws in Symantec applications. He exposed the security issue in a blog post last week. According to him, these are serious vulnerabilities and a hacker "could easily compromise an entire enterprise fleet."
CreditUnionTimes reports that in April, Symantec was warned by Ormandy about the problem but only last week the company issued some fixes. Symantec vice president for security Adam Bromwich declared last week that updates are now available and fixes are currently in place.